Skip to end of metadata
Go to start of metadata

How can I disable/hide the alert messages on ADSS Server Console home screen?

 Follow these instructions to disable/hide home screen alert messages:

  1. Launch the ADSS Server console.
  2. Go to location: Global Settings > Advanced Settings.
  3. From the Property Type drop down select Console.
  4. Search for param SHOW_HOME_SCREEN_ALERTS, click on its value to change it.
  5. Change the value to FALSE and click on Update button.
  6. Restart the ADSS Console instance from Windows NT Services panel or UNIX daemon in order to have the change into effect.

How can I increase the alert threshold time?

Follow these steps to increase the alert threshold time:

  1. Launch the ADSS Server console.
  2. Go to location: Global Settings > Advanced Settings.
  3. From the Property Type drop down select General.
  4. Search for param ALERTS_BLOCK_THRESHOLD, click on its value to change it.
  5. Change the time (currently it is 300 seconds) to your desired one. 
  6. Restart the ADSS Core, Console and Service instances from Windows NT Services panel or UNIX daemon in order to have the change into effect.

How to configure multiple Certificate policies against a certificate template?

Currently operator can configure only Two certificate policies inside a certificate template on the ADSS Server GUI but if it is required to add more policies against the configured template then follow these instructions:

  1. Download this attached file certificate_policies.xml.
  2. Open this file in any text editor:

    certificate_policies.xml

    Following sections explain each part of the XML:

    XML TagsDescription
    CertificateTemplateCertificateTemplate is the root element.
    Template

    The elements in between <Template> and </Template> tags are used to define the template configurations, it includes the following attribute:

    • Id: Specify the Template ID already created in ADSS Server i.e. Key Manager > Certificate Templates

    Note: If it is to configure policies for multiple templates then repeat this tag along with child nodes.

    CertificatePoliciesThe elements in between <CertificatePolicies> and </CertificatePolicies> tags are used to define multiple certificate policies configurations against a CertificateTemplate.
    PolicyDefinition

    The elements in between <PolicyDefinition> and </PolicyDefinition> tags are used to define multiple certificate policies definitions against a CertificateTemplate. It includes following child nodes:

    • PolicyId: Specify the Policy OID to be included
    • CpsUri: Optionally specify the URI to the issuer's Certificate Practice Statement. Keep this tag empty if not required
    • UserNotice: Optionally specify user notice. Keep this tag empty if not required

    Note: If it is required to add multiple policy definitions against the same template then repeat this tag along with child nodes.

  3. Fill in the Template ID, PolicyId, CpsUri and UserNotice accordingly
  4. Save the changes and close the file
  5. Move this file to location [ADSS Server installation directory]/conf
  6. Restart the ADSS Server from Windows service panel or Unix daemon to have the changes take effect

How to configure allowed policies for a configured Local CA when the certificates are issued against the CA/B forum and WebTrust guidelines?

When CA validation check is enabled inside the ADSS Server Global Settings > Advanced Settings page then the certificates will be issued against the CA/B forum and WebTrust guidelines. If it is required to add additional certificate policies in the issuing certificates other than the policies defined in the issuing CA then follow these instructions:

  1. Download this attached file allowed_ca_policies.xml.
  2. Open this file in any text editor:

    certificate_policies.xml

    Following sections explain each part of the XML:

    XML TagsDescription
    AllowedPolicyOIDsAllowedPolicyOIDs is the root element
    CA

    The elements in between <CA> and </CA> tags are used to define the CA configurations, it includes the following attribute:

    • FriendlyName: Specify the CA Friendly Name which is already configured as Local CA in ADSS Server i.e. Manage CAs > Local CAs

    Note: If it is required to configure allowed policies for multiple issuing CAs then repeat this tag along with child nodes.

    CertificatePoliciesThe elements in between <CertificatePolicies> and </CertificatePolicies> tags are used to define multiple allowed certificate policies for issuing certificates.
    PolicyDefinition

    The elements in between <PolicyDefinition> and </PolicyDefinition> tags are used to define multiple certificate policies definitions against a issuing CA. It includes following child node:
    PolicyId: Specify the Policy OID to be included in the allowed list

    Note: If it is required to add multiple policy definitions against the same issuing CA then repeat this tag along with child node

  3. Fill in the FriendlyName and PolicyID accordingly
  4. Save the changes and close the file
  5. Move this file to location [ADSS Server installation directory]/conf
  6. Restart the ADSS Server from Windows service panel or Unix daemon to have the changes take effect

How to configure multiple CRL Distribution points for a configured Local CA?

Currently operator can configure only One CRL Distribution Point against a CA in ADSS Server i.e. Manage CAs > Local CAs but if it is required to add multiple CRL Distribution Point against the Same CA then follow these instructions:

  1. Download this attached file certificate_extensions.xml.
  2. Open this file in any text editor:

    certificate_policies.xml

    Following sections explain each part of the XML:

    XML TagsDescription
    CertificateExtensionsCertificateExtensions is the root element
    CrlDistributionPoints

    The elements in between <CrlDistributionPoints> and </CrlDistributionPoints> tags are used to define the CA configurations, it includes the following attribute:

    • caName: Specify the CA Friendly Name which is already configured as Local CA in ADSS Server i.e. Manage CAs > Local CAs

    Note: If it is required to configure multiple CRL Distribution Point for multiple issuing CAs then repeat this tag along with child nodes.

    DistributionPoint

    The elements in between <PolicyDefinition> and </PolicyDefinition> tags are used to define multiple CRL Distribution Point against an issuing CA.

    Note: Multiple CRL Distribution Point can be defined here

  3. Fill in the caName and DistributionPoint accordingly
  4. Save the changes and close the file
  5. Move this file to location [ADSS Server installation directory]/conf
  6. Restart the ADSS Server from Windows service panel or Unix daemon to have the changes take effect
  • No labels