Environment SWS
SWS is released with a default configuration that allows carrying out all necessary tests, using a pre-production signature system by Namirial. Obviously the resulted signatures are performed with certificates that are NOT issued by an accredited Certification Authority. Any verification of these signatures with third-party tools will report errors for unknown CA. If you want to sign with certificates enrolled by trusted CA, you should migrate from the TEST to a PROD configuration of SWS.
By default SWS is configured with TEST environment. At this link you can see the SWS configuration
At this step the vmdk file remains in the bucket, but an AMI with description SWS AMI is created in the default region with which aws cli has been configured (it is set when the client configuration is carried out at step 2)
At step 5 is possible to monitor the procedure started at step 4 (because this step is very slow)
At step 6 is possible to monitor from AWS panel console if the AMI has been imported correctly and is ready to be used.
After the import has been completed, you start the virtual machine and configure the parameters via "Menu Console".
Image Removed
This menu permits to set parameters like proxy, NTP ecc. The options of this menu are:
- Register: VA registration to our centralized update system (SCM)
- Config: IP ADDRESS, GATEWAY, DNS and ROOT PASSWORD configuration
- Update: Updates installation (system and push updates)
- Proxy: proxy configuration NTLM and port
- Restart_jboss: restart of the application server SWS
- Restart_osad: restart of sync module VA/SCM
- Reboot: VA restart
- Shutdown: VA shutdown
- Logout: exit from Menu Console
- Exit: go to Bash shell*
*This option must be selected under the monitoring of a Namirial operator. Namirial doesn’t give any support about modifications executed without WEB interface or Console Menù
Register: SCM Registration and Updates
The VA SWS has the possibility of being associated to an updates released centralized system. The update modes will be released in two different modes:
- Channel Updates (updates available for all the VA who has signed in)
- Push Updates (updates sent directly to the specified VA)
The registration system provides the VA restart and the resulting hostname changing with the following scheme: NomeDelCertificatoDiFirma_ultime4cifreMacAddress. The maintenance of the hostname* is a prerogative to use the updates centralized systems (SCM).
Changing the hostname will not allow to the SCM system nor release the Push Updates service nor keep track of SWS releases and packs changes inside the VA. It is strongly discouraged to vary this parameter.
From MC it will be possible to launch the operation.
Functional Verification
Appliance SWS offer a GUI for test if signature and verify works correctly.
Try if signature device device works
Make sure that system works: start the virtual machine, open a browser on a workstation able to reach the machine and enter the following url:
http://<IP-APPLIANCE>:8080/SignEngineWeb/indexhelp.xhtml
A page as the one below will be shown:
Image Removed
Make sure that the signature system works properly:
Submit any document and drag it in the area below the box “File da firmare”.
Enter the following parameters:
Like in this figure:
Image Added
Below are the steps for migrating from TEST to PROD. It is very easy: you should only upload one JKS file, which contains the certificates for connecting to our system of signature.
Please get in touch with our consultants for obtaining such a certificate.