Versions Compared

Version Old Version 1 New Version 2
Changes made by

Lorenzo Cardinali

Lorenzo Cardinali

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
stylenone

Installation

SWS has been released on Docker image. SWS on Docker require the volume to share the configuration between all instances of SWS executed on orchestrator (like Kubernetes)

How can i obtain the SWS on Docker?

Namiral publish the docker images of SWS on this repository:

...

NOTE: Once the installation has been completed, the SWS is ready to communicate with Namirial environment

Minimum Requirements

For proper operation it is necessary that the virtual machine has allocated at least the following resources. By default sws docker image, use the 70% of the memory available.

...

Code Block
--memory=1024m --cpus=2

How can I check if the installation has been completed succesfully?

To check if the docker instance has been executed without erros, you can open this link from browser:

...

And check if the field “global” is “UP”

Administration

Below will be described the methods used to manage the configurations.

...

Namirial reccomends to change this key.

How change the api-key (password)?

The method used to change the authentication key is exposed at this path:

...

Code Block
curl -i -X PUT http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/change-apikey?newApiKey=NEW_API_KEY \
-H 'x-api-key: OLD_API_KEY'

How can enable opeapi and swagger?

By default, for security reason openapi and swagger are disabled. if you need to enable. you should add this field to docker run:

...

Code Block
http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/openapi-ui.html

How can I migrate from TEST to PROD environment?

When you install the docker image, the instance is configured to communicate with Namirial TEST environment. To migrate from TEST to PROD environment, you can use this method:

...

Code Block
curl -i -X POST http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/upload-keystore \
-H 'x-api-key: API_KEY' \
--header 'Content-Type: multipart/form-data' \
--form 'file=@/PATH_OF_SSL_CERTIFICATE/prod_sws_namirial.jks'

How can I check the connection between SWS and Namirial servers?

SWS application use external servers (managed by Namirial) to perform the hash signature (PKCS#1). This method allows to check if the comunication between SWS and Namirial servers correctly works.

...

Code Block
curl -i -X GET http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/check-connection

How can I get the system info?

If you need to know the configurations used by Docker like: environment, version ecc.., you can use this resource:

...

Code Block
curl -i -X GET http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/sys-info

How can I edit the timestamp configuration?

If you need to set the custom configurations about timestamp (RFC3161) and the TSL (Trusted List) refresh period, you can specify the following fields:

...

Code Block
languagebash
curl -i -X DELETE 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/update-configs' \
--header 'x-api-key: API_KEY'

How can I configure proxy on SWS?

By default SWS doesn’t use proxy, but it is possible to configure it using the following resource:

...

Code Block
languagebash
curl -i -X DELETE 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/configure-proxy' \
--header 'x-api-key: API_KEY'

How can I enable the logs on file?

By default SWS log on console, therefore it’s not possible to download the files with logs. If you need to retrieve the log files, first of all you have to enable log on files (re)running the docker instances with the environment variable:

...

Code Block
/opt/sws/log/${DOCKER_UUID}

How can i export log on files?

If you need to export log, SWS offer a specific resource to download the files.

...

Code Block
languagebash
curl -i -X GET 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/export-log' \
--header 'x-api-key: API_KEY' -o path/file_with_log.zip

How can I expose SWS services on 8443 port using HTTPS protocol?

By default SWS is exposed on 8080 port using HTTP protocol, but if you want to expose SWS services on 443 port using HTTPS protocol, you have to provide a keystore containing SSL private key and certificate by the following resoruce:

...

Code Block
languagebash
curl -i -X POST 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/configure-https' \
--header 'x-api-key: API_KEY' \
--form 'keystore=@SSL_CERTIFICATE' \
--form 'options="{ 
	\"type\": \"KEYSTORE_TYPE\",
	\"password\": \"KEYSTORE_PASSWORD\", 
	\"alias\": \"KEY_ALIAS\" 
}"' -v

How can I manage fonts?

When you perform PAdES signatures using appereance, you can specify the font name (padesPreferences.signerImage.fontName). SWS offers some font name that you can see by the following resource:

...

Code Block
languagebash
curl -i -X GET 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/fonts' \
--header 'x-api-key: API_KEY'

How can I add custom font?

Sometimes can happen a customer need to use a specific font. If it is not present, is possible to add manually providing the “ttf” file related to the font, using this resource:

...

Code Block
languagebash
curl -i -X POST 'http://<IP-APPLIANCE>:8080/SignEngineWeb/rest/server-admin/upload-fonts' \
--header 'x-api-key: API_KEY' \
--form 'font=@FONT_FILENAME.ttf'

How can I delete custom font in SWS?

If you have uploaded a font by mistake or want remove a font unused, you can use this resource:

...

Code Block
languagebash
curl -X DELETE 'http://localhost:8080/SignEngineWeb/rest/server-admin/fonts' \
--header 'x-api-key: foo123' \
--header 'Content-Type: application/json' \
--data '{
  "fontNames": [
    "A_DejaVuSansMono.ttf",
    "ffff.ttf"
  ]
}'

How can I obtain the latest version?

If you want updated sws to latest version, you can do:

...