Architecture
Overview
SignServer is a framework designed to perform different kinds of digital signatures for different applications.
There are three kinds of processable services:
- Signers, used to sign or otherwise process requested data.
- Validation Services, used to verify the validity of a certificate against a set of backed issuers. The validation service can be used to simplify the integration of PKIs into existing applications.
- Group key service framework, used to manage and distribute group keys for different applications. These keys can be both symmetric and asymmetric.
In addition to processable services, there is another concept called Timed Services: plug-ins that run at defined intervals to perform maintenance or reporting routines.
Several signers are ready to use out of the box. They can easily be configured after SignServer is installed.
The main way of communicating with SignServer is through a WebService interface (previous versions had an RMI-SSL interface, but that has been replaced by the WS for platform independence). Signers are also available through HTTP communication, and some signers (PDF, ODF, OOXML, XML, MRTD) have simple HTML pages that allow users to upload documents to be signed.
Administration is done through a command-line interface, where properties and access controls can be configured.
One instance of SignServer can have multiple signers for different purposes.

