TSA Properties

The following TSA properties are common for all AdES Signers. Each AdES Signer may have additional specific set of properties that are described in the subsequent sections.

Property	Description	Default Value	Mandatory	Metadata Support
TSA_URL TSA_URL can not be used together with the TSA_WORKER property!	URL to timestamping authority to include timestamp. Both HTTP and HTTPS is supported for sending the timestamping requests. Basic and certificate-based authentication is supported. For basic authentication, the following additional properties must be set: TSA_USERNAME TSA_PASSWORD For certificate-based authentication, the following additional properties must be set: TSA_KEYSTORE_TYPE TSA_KEYSTORE_FILEPATH TSA_KEYSTORE_PASSWORD TSA_TRUSTSTORE_TYPE TSA_TRUSTSTORE_FILEPATH TSA_TRUSTSTORE_PASSWORD See TSA Authentication options below.	NONE	NO	NO
TSA_WORKER TSA_WORKER can not be used together with the TSA_URL property!	The name of the Worker to use for the timestamping.TSA_WORKER property should be used only when timestamping is server from the same SignServer.	NONE	NO	NO
TSA_DIGESTALGORITHM	Digest algorithm to use with the timestamping.	SHA256	NO	NO

Property

Description

Default Value

Mandatory

Metadata Support

TSA_URL
TSA_URL can not be used together with the TSA_WORKER property!

URL to timestamping authority to include timestamp. Both HTTP and HTTPS is supported for sending the timestamping requests. Basic and certificate-based authentication is supported.
For basic authentication, the following additional properties must be set:

TSA_USERNAME
TSA_PASSWORD

For certificate-based authentication, the following additional properties must be set:

TSA_KEYSTORE_TYPE
TSA_KEYSTORE_FILEPATH
TSA_KEYSTORE_PASSWORD
TSA_TRUSTSTORE_TYPE
TSA_TRUSTSTORE_FILEPATH
TSA_TRUSTSTORE_PASSWORD

See TSA Authentication options below.

NONE

TSA_WORKER
TSA_WORKER can not be used together with the TSA_URL property!

The name of the Worker to use for the timestamping.TSA_WORKER property should be used only when timestamping is server from the same SignServer.

NONE

TSA_DIGESTALGORITHM

Digest algorithm to use with the timestamping.

SHA256

TSA Authentication options

Basic authentication

For TSA_URL basic authentication, the following properties are mandatory:

Property	Description	Default Value	Mandatory	Metadata Support
TSA_USERNAME	Username for basic authentication.	NONE	NO	NO
TSA_PASSWORD	Password for basic authentication.	NONE	NO	NO

Client certificate-based authentication

For TSA_URL client certificate-based authentication, the following properties are mandatory:

Property	Description	Default Value	Mandatory	Metadata Support
TSA_KEYSTORE_TYPE	Keystore type for the certificate-based authentication of the TSA. The keystore represents client authentication credentials to be used. Allowed values are: PKCS#12 JKS	NONE	NO	NO
TSA_KEYSTORE_FILEPATH	Absolute path to the file on the file system representing the keystore.	NONE	NO	NO
TSA_KEYSTORE_PASSWORD	Password for the keystore.	NONE	NO	NO
TSA_TRUSTSTORE_TYPE	Truststore type for the certificate-based authentication of the TSA. The truststore represents certification authorities or server certificates that should be considered as trusted. Allowed values are: PKCS#12 JKS	NONE	NO	NO
TSA_TRUSTSTORE_FILEPATH	Absolute path to the file on the file system representing the truststore.	NONE	NO	NO
TSA_TRUSTSTORE_PASSWORD	Password for the truststore.	NONE	NO	NO

TSA Properties

TSA Authentication options​

Basic authentication​

Client certificate-based authentication​

TSA Authentication options

Basic authentication

Client certificate-based authentication