Alerts Properties
The overall configuration of alerts can be set using alerts profiles. Profiles support the following values:
DEFAULT- the default DSS alerts configuration that is used when no other profile is specifiedSTRICT- a strict alerts profile that enforces all alerts to be treated as errors with raised exceptionsRELAXED- a relaxed alerts profile that treats all alerts as warnings in log onlyIGNORE- an ignore alerts profile that ignores all alerts without any logging or exceptions
| Property | Description | Default Value | Mandatory | Metadata Support |
|---|---|---|---|---|
| ALERTS_PROFILE | Sets the alerts profile to be used during signing. | DEFAULT | NO | YES |
Specific alerts behavior can be further overridden using the following values:
INHERIT- inherit the behavior from the alerts profileERROR- treat the alert as an error and raise an exceptionWARN- treat the alert as a warning and log itIGNORE- ignore the alert without any logging or exceptions
The following alerts can be configured:
| Property | Description | Default Value | Mandatory | Metadata Support |
|---|---|---|---|---|
| ALERTS_EXPIREDCERTIFICATE | Defines a behavior on a signature creation or augmentation with an expired signing-certificate or its related POE(s). | ERROR | NO | YES |
| ALERTS_REVOKEDCERTIFICATE | Defines a behavior if a revoked certificate is present. | ERROR | NO | YES |
| ALERTS_INVALIDSIGNATURE | Defines a behavior on augmentation of a cryptographically invalid signature. | ERROR | NO | YES |
| ALERTS_INVALIDTIMESTAMP | Defines a behavior if an invalid timestamp is found. | ERROR | NO | YES |
| ALERTS_NOTYETVALIDCERTIFICATE | Defines a behavior on a signature creation or augmentation with a not yet valid signing-certificate. | ERROR | NO | YES |
| ALERTS_MISSINGREVOCATIONDATA | Defines a behavior in case of missing revocation data. | ERROR | NO | YES |
| ALERTS_NOREVOCATIONAFTERBESTSIGNATURETIME | Defines a behavior in case if there is no valid revocation data with thisUpdate time after the best signature time. | WARN | NO | YES |
| ALERTS_UNCOVEREDPOE | Defines a behavior if a TSU certificate chain is not covered with a revocation data (timestamp generation time > CRL/OCSP production time). | WARN | NO | YES |
| ALERTS_HIGHERSIGNATURELEVEL | Defines a behavior on a signature creation or augmentation within a document containing signatures of a higher level. | ERROR | NO | YES |
| ALERTS_SIGNATUREWITHOUTCERTIFICATES | Defines a behavior on augmentation of a signature without certificates in its B-level. | ERROR | NO | YES |
| ALERTS_SELFSIGNEDCERTIFICATECHAINS | Defines a behavior on augmentation of a signature built only with self-signed certificate chains. | ERROR | NO | YES |