- SignServer Introduction
- SignServer Installation
- SignServer Operations
- SignServer Integration
-
SignServer Reference
- Deploy-time Configuration
-
SignServer Workers
- Common Configuration
-
SignServer Signers
- Common Properties
- Time Stamp Signer
- MS Authenticode Time Stamp Signer
- Extended Time Stamp Signer
- MRTD Signer
- MRTD SOD Signer
- PDF Signer
- ODF Signer
- XML Signer
- XAdES Signer
- OOXML Signer
- CMS Signer
- Extended CMS Signer
- MS Authenticode Signer
- MS Authenticode CMS Signer
- JArchive Signer
- JArchive CMS Signer
- Master List Signer
- Plain Signer
- OpenPGP Signer
- Debian Dpkg-sig Signer
- OpenPGPPlain Signer
- SignServer Document Validators
- SignServer Dispatchers
- SignServer Validation Service Framework
- SignServer Timed Services
- Other Workers
- SignServer Components
- Logging
- SignServer Authentication and Authorization
- Status Repository
- Health Check
- SignServer TimeMonitor Application
-
SignServer User Interfaces
- Administration CLI
- Administration GUI
-
Administration Web
- Main Page
- Workers Page
- Global Configuration Page
- Administrators Page
- Audit Log Page
- Archive Page
- Database CLI
- Internationalization
- Peer Systems
- Client-Side Hashing
- Key Wrapping
- Developer Reference
- SignServer Release Information
Administrators Page
Authorizations
Lists administrator certificates that has been explicitly granted access and specific roles.
Also note the Allow Any Administrator setting which if set to "Allow any" grants the Admin role to any administrator with a valid certificate even if it is not listed. Instead with the value "Only listed", only the administrators listed in the table are allowed.
| Action | Description |
|---|---|
| Add... | Adds a new authorization rule. Fill in the Certificate serial number in hex format and the Issuer DN. Alternatively use the ... (browse) button to upload a certificate to load it from or use the Load Current button to fill in the values from your administrator certificate. Select the Roles that should be assigned. Click the Add button to have the new rule saved. |
| Edit | For an existing authorization rule the corresponding Edit button allows for changing the values. Make the wanted changes to the Certificate serial number field, Issuer DN field and for the Roles. Click the Submit button to have the updated rule saved. |
| Remove | For an existing authorization rule the corresponding Remove button allows to remove a rule. Confirm the removal by clicking the Remove button. |
Allow Any Administrator
Before switching to allowing only listed administrator make sure your credentials are listed otherwise you will directly be denied access after the switch.
| Action | Description |
|---|---|
| Switch to 'Only listed' | If the current setting is to allow any administrator then clicking this button switched to the other mode. |
| Switch to 'Allow Any' | If the current setting is to only allow listed administrators then clicking this button switched to the other mode. |
Peer Systems
| Action | Description |
|---|---|
| Allow incoming connections | Check this check box and Click the Save button in order to allow incoming connections from Peer Systems. |
| Save | Saves the state of the Allow incoming connections check box. |
Incoming Connections
| Column/Action | Description |
|---|---|
| Remote identity | The subject DN from the client certificate for the incoming connection. |
| Remote address | The IP address of the incoming connection. |
| Last seen | The date and time the connection was last made. |
| Authorized | If the certificate is in the Peer Systems role. |
| Clear | Click the button to forget the connection. |
| Modify Authorization | The button is visible if there is a rule for the certificate. Clicking the button opens the Edit Authorization page for the rule. |
| Add Authoriztion... | The link is visible if there is not a rule for the certificate. Clicking the link opens the Add Authorization page with the certificate information filled in and the Peers Role selected. |