The Plain signer has the fully qualified class name: org.signserver.module.cmssigner.PlainSigner


The Plain signer can sign arbitrary data and simply produces a signature in the format determined by the configured signature algorithm.

Available Properties


Property specifying the algorithm used to sign the data. Default value depends on the signing key: SHA256withDSA for DSA keys, SHA256withECDSA for ECDSA keys, otherwise SHA256withRSA.

Algorithms NONEwithRSA and NONEwithECDSA are also supported and should be used when hash digest is supplied for signing not the data itself. When using NONEwithRSA algorithm, the input should be in particular format, refer to RFC#3447 for details.


Property specifying the algorithm used to create the message digest (hash) of the request document to put in the log. Default: SHA256.

DO_LOGREQUEST_DIGESTProperty specifying if the message digest of the requested document should be put in the log. Default: true.

Worker Log Fields

REQUEST_DIGESTA message digest (hash) for the request document in hex encoding.
REQUEST_DIGEST_ALGORITHMThe name of the message digest (hash) algorithm used for the request digest in the log.
RESPONSE_ENCODED The response document (plain signature) in base64 encoding.