Clients

Lists the clients authorized to access this worker using client certificate authentication (if used) and allows to edit or remove them.

Note that the authorization list is present even if the worker is configured with a different AUTHTYPE and therefore not using the list.

For step-by-step configuration instructions, see Configure Client Certificate Authentication and Authorization.

ActionDescription
Add...

Adds a new client authorization rule.

Select what Subject field from the certificate to match on, for example, Certificate Serial Number or RDN: CN, commonName. Specify the expected value for the chosen field. For Certificate Serial Number it should be provided in hexadecimal form, while the other fields expect the values in textual representation. Additionally, specify the DN in EJBCA style textual representation for the Issuer.

Alternatively chose to import from certificate by clicking From File and provide a certificate file, or click Load Current to load your administrator certificate. You then have the option to choose which of the existing fields to match on.

Optionally, specify a free-text description of the rule.

Click Submit to save the new rule.

Reload from databaseReloads the authorizations from database. This would normally only be needed when running SignServer in clustered setup with a shared database, and changes have been made to authorizations from another node.
Edit

For an existing authorization rule, the corresponding Edit link allows updating a rule.

Edit the fields for Subject and/or Issuer or description, and click Submit to save the updated rule.

Remove

For an existing authorization rule, the corresponding Remove link allows removing a rule.

Confirm the removal by clicking the Remove button.