Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. At the time of installation select the Advanced Configuration option at Database Configuration screen and click on Next
  2. At the next screen of Advanced JDBC Configuration, leave the windows User ID and Password fields empty
  3. In the JDBC URL field enter the database server name and database name along with following details:

    1. Kerberos Authentication
      e.g. jdbc:sqlserver://db-machine;databaseName=adss-db;integratedSecurity=true;authenticationScheme=JavaKerberos

    2. Windows Authentication
      e.g. jdbc:sqlserver://db-machine:1433;databaseName=adss-db;integratedSecurity=true

  4. Click Next button to proceed with the installation wizard.
  5. Follow this KB article to register all the instances of ADSS Server under domain user account:


The user account should be in administrators group on the ADSS Server machine as well as have necessary read/write privileges on the database created for the ADSS Server.


  1. Install ADSS Server using SQL Server authentication.
  2. Click here to download a patch that is required to run ADSS Server and SigningHub Core without storing username and password over windows authentication.
  3. Unzip the patch and overwrite its content on [SigningHub-Home].
  4. Now go to [SigningHub-Home]/tools/adss-server/conf directory.
  5. Open the hibernate.cfg.xml in edit mode and change the values of these elements as shown below:

    • For Kerberos Authentication

      Code Block
      <property name="hibernate.connection.url">jdbc:sqlserver://localhost:1433;databaseName=ADSS-Server-DB;integratedSecurity=true;authenticationScheme=JavaKerberos</property>
      <property name="hibernate.connection.username"></property>
    • For Windows Native Authentication:

      Code Block
      <property name="hibernate.connection.url">jdbc:sqlserver://<DATABASE_MACHINE>:1433;databaseName=<DATABASE_NAME>;integratedSecurity=true</property>
      <property name="hibernate.connection.username"></property>
  6. Now go to [SigningHub-Home]/core/conf directory.
  7. Open the hibernate.cfg.xml in edit mode and change the values of these elements as shown below:

    Code Block
    <property name="hibernate.connection.driver_class"></property>
    <property name="hibernate.connection.url">jdbc:sqlserver://localhost:1433;databaseName=SH-DB;integratedSecurity=true</property>
    <property name="hibernate.connection.username">db-user</property>
    <property name="hibernate.connection.password">password</property>
    <property name="">none</property>

    Do not comment or delete the username and password properties from the file - use these values as a dummy username and password otherwise ADSS Server and/or SigningHub will fail to start.

  8. Follow this KB article to register all the instances of ADSS Server/SigningHub Core under domain user account: 

How to register all the instances of ADSS Server/SigningHub Core under domain user account?

After the installation of ADSS Server with Windows Authentication, follow these steps to register all the instances of ADSS Server under domain user account:

  1. Launch the Windows Services Panel.

  2. Stop the ADSS Server Core, Console and Service instances.

  3. Right click and open the properties for each instance one by one:

    1. Navigate to Log On tab

    2. Change the Log On as settings from "Local System account" to "This account"

    3. Provide the domain name\username and password for the domain user account as shown below:

  4. Start (Ascertia-ADSS-ConsoleAscertia-ADSS-CoreAscertia-ADSS-Service) from windows services panel for the changes to take effect.

How to Install ADSS Server with Azure SQL? 

  1. Extract the ADSS Server package
  2. Go to location: [ADSS-Server-Installation-Dir]\tomcat\bin and edit these files: 

    For Linux

      • Edit file in a text editor and search for the parameter JAVA_OPTS and add parameter at the end and save the changes as shown below:

        Code Block
        JAVA_OPTS="$JAVA_OPTS -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"

    For Windows

      • Edit catalina.bat file in a text editor and search for the strings %JAVA_OPTS% %CATALINA_OPTS% and add parameter at the end of each string and save the changes as shown below:

        Code Block
        goto end
        goto end
        if not "%SECURITY_POLICY_FILE%" == "" goto doSecurityJpda
        goto end
        goto end
      • Edit the service.bat file in a text editor and search for the parameter --JvmOptions and ++JvmOptions one by one, add parameter ; at the following location for both of them and save the changes

        Code Block
        "%EXECUTABLE%" //US//%SERVICE_NAME% --JvmOptions "-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true;-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true;-Dcatalina.base=%CATALINA_BASE%;-Dcatalina.home=%CATALINA_HOME%;-Djava.endorsed.dirs=%CATALINA_HOME%\endorsed;" --StartMode jvm --StopMode jvm
        "%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true;-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true;\temp;-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager;-Djava.util.logging.config.file=%CATALINA_BASE%\conf\;" --JvmMs %6 --JvmMx %7
  3. Go to [ADSS-Server-Installation-Dir]/setup directory and run the install.bat/sh file by right clicking and choosing Run as administrator option
  4. On the ADSS Server Installation Type dialog, select the required option
  5. Select the appropriate ADSS Server license file
  6. Select the database type Azure SQL
  7. Provide the credentials for the restored database on Azure SQL
  8. Continue with the installation and click the Finish button to complete the installation. More detailed instructions can be found in section 3.1.4 of the ADSS Server installation guide.

Ensuring that Linux daemons are started successfully

On some flavors of Linux (e.g. Fedora) ADSS Server daemons are not started by default at boot time.  To ensure the three daemons start at boot time, append the following commands in /etc/rc.local/:


Code Block
service tomcatd-ADSS-core start
service tomcatd-ADSS-console start
service tomcatd-ADSS-service start


Now all of the ADSS Server daemons will start properly after a system reboot.

What causes ADSS Server Windows services and Unix daemons to not register properly during installation?

When ADSS Server services are not registered properly it is usually because the installer process has not been run with using Administrator (or root) privileges.
If the ADSS Server is installed but the services are not registered then follow these instructions to register the daemon/services:

For Windows:

  1. Go to the folder: [ADSS Server installation directory]/tomcat/bin/.
  2. Execute the following batch files one by one using administrator privileges (right click and then select the option Run as administrator).
    • install_core.bat
    • install_console.bat
    • install_service.bat


  1. Go to the directory: [ADSS Server installation directory]/tomcat/bin/.
  2. Execute the following script files one by one using root user privileges.

NOTE:  Very occasionally the ADSS Server Windows services might not register properly because of this issue:

  1. Go to the location: [ADSS Server installation directory]/tomcat/bin/
  2. Open the following script files one by one and ensure the property "set INSTALL_PATH" is set to point to the absolute path for the ADSS Server root installation directory e.g. D:/ADSSv5.2/
    • install_core.bat
    • install_console.bat
    • install_service.bat
  3. If this property is not correctly set then edit the files and set the correct path of the ADSS Server installation folder 
  4. If you see permission issues (e.g. access denied message) then temporarily copy these files to a location where you have full permissions to modify the files e.g. your desktop and modify these files
    After modifying them copy and overwrite these files back to their original location, click on OK if a dialog appears asking for administrative rights.
  5. Run these modified install scripts one by one and right click select Run as administrator
  6. Check that the Windows services are now registered within the Windows services panel

Running ADSS Server as a non-root user daemon on UNIX


  1. Run the Oracle SQL Developer tool and select New Connection:
  2. Enter the credentials of the Database Server where you want to create DB user:
  3. Once the Database Server is connected, go to the Other Users tab and right click on the label:
  4. Select Create User option from the drop-down menu and provide User Name, Password, and set the Default Tablespace to be SYSTEM and Default Temporary Tablespace to be TEMP
  5. Now select the Granted Roles tab on the above dialog and select the roles Connect, DBA and Resource privileges.
  6. Click Apply button to create the user
  7. After creating the user, run the ADSS Server installer and navigate to the Database Credentials dialog (it is assumed that you selected the Oracle database on the previous dialog) and enter these credentials as following:

    Note that in Database Name, set the SID of the Oracle Database
  8. Click Next to complete the ADSS Server installation




How to restart the ADSS Server from Windows Service Panel / Linux Daemon?

Follow these instructions to restart the ADSS Server from Windows Services Panel/ Linux Daemon for the changes to take effect:

For Windows:

  1. Launch the Run dialog by hitting WIN + R on keyboard
  2. Type in services.msc and hit Enter on the keyboard to launch the Windows Service Panel
  3. Right click on the following services one by one then select option Restart:
    • Ascertia-ADSS-Core
    • Ascertia-ADSS-Console
    • Ascertia-ADSS-Service

      Image Added
    • Close the Windows Services Panel

For Linuc OS:

  1. Launch the Linux Terminal
  2. Execute the following commands one by one to restart the ADSS Server:
    • Service tomcatd-ADSS-core restart
    • Service tomcatd-ADSS-console restart
    • Service tomcatd-ADSS-service restart