diff options
Diffstat (limited to 'work/cfg/config.properties')
-rw-r--r-- | work/cfg/config.properties | 39 |
1 files changed, 37 insertions, 2 deletions
diff --git a/work/cfg/config.properties b/work/cfg/config.properties index 0f54030..509caae 100644 --- a/work/cfg/config.properties +++ b/work/cfg/config.properties @@ -14,6 +14,18 @@ ldap.url=http://xxx.yyy.z.com:5000/some/fake/url cert.alg.rsa=http://www.w3.org/2000/09/xmldsig#rsa-sha1
cert.alg.ecdsa=http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
+# time frame the signing time may differ (in the upper and the lower direction) from the host time
+# in seconds
+# valid frame: current time - signing_time_tolerance ... current time + signing_time
+# no value or -1 means that the signing time is not checked
+signing_time_tolerance=900
+
+# this key overrides the dynamically built locrefcontent URL for the retrieval of the data to be signed
+# remove/disable this key to enable the old dynamic build process
+# Use this key to overcome SSL Problems with dataurl communication.
+# Note: Assure that this URL is accessible from the citizen card environment.
+#retrieve_signature_data_url_override=http://localhost:8080/pdf-as/RetrieveSignatureData
+
# Beim Signieren: Überprüfung ob Dokument PDF-Version 1.4 (oder weniger) hat
strict_mode=false
@@ -27,7 +39,7 @@ correct_document_if_necessary=true # internal - das Dokument wird mit dem "internen" iText Corrector korrigiert
# external - das Dokument wird durch einen externen Kommandozeilenaufruf korrigiert.
# Hinweis: ein externes Programm aufzurufen birgt gewisse Risiken in sich
-# und sollte daher nöglichst nicht verwendet werden.
+# und sollte daher möglichst nicht verwendet werden.
corrector=internal
# Kommandozeile für den externen Connector.
@@ -63,15 +75,21 @@ default.bku.algorithm.id=etsi-bka-1.0 # MOA Algorithm - Kennzeichnung
default.moa.algorithm.id=etsi-bka-moa-1.0
+# MOCCA Algorithm - Kennzeichnung
+default.moc.algorithm.id=etsi-moc-1.0
+
# MOA Detached Signieren aus Konsole möglich - zurzeit möglich nur mit BKU
moa.sign.console.detached.enabled=false
# MOA Kennzeichnungsfeld anzeigen
moa.id.field.visible=false
+
#############################################
# Signaturdienste
+# BKU settings
+
bku.available_for_web=true
bku.available_for_commandline=true
@@ -84,7 +102,7 @@ bku.sign.request.base64=./templates/default.bku.sign.enveloping.xml # default bku detached sign template file
bku.sign.request.detached=./templates/default.bku.sign.detached.xml
-# BKU VERIFYING
+# BKU verification
bku.verify.url=http://127.0.0.1:3495/http-security-layer-request
bku.verify.template.base64old=./templates/default.bku.verify.template.enveloping.old.xml
@@ -96,6 +114,22 @@ bku.verify.template.base64=./templates/default.bku.verify.template.enveloping.xm bku.verify.request.detached=./templates/default.bku.verify.request.detached.xml
bku.verify.template.detached=./templates/default.bku.verify.template.detached.xml
+
+# MOCCA settings
+moc.available_for_web=true
+moc.available_for_commandline=false
+
+# MOCCA signature
+moc.sign.url=https://apps.egiz.gv.at/bkuonline/https-security-layer-request
+moc.sign.KeyboxIdentifier=SecureSignatureKeypair
+# default MOCCA signature template
+moc.sign.request.detached=./templates/default.moc.sign.detached.xml
+
+# MOCCA verification
+# default MOCCA verify template
+moc.verify.template.detached=./templates/default.moc.verify.template.detached.xml
+
+
# A1 settings
a1.available_for_web=false
a1.available_for_commandline=false
@@ -135,6 +169,7 @@ moa.verify.template.base64=./templates/default.moa.verify.template.enveloping.xm moa.verify.request.detached=./templates/default.moa.verify.request.detached.xml
moa.verify.template.detached=./templates/default.moa.verify.template.detached.xml
+
#############################################
# Responsemeldungen der Signaturdienste
|