Sometimes it is necessary to change the certificate used to authenticate requests on a TSA, for example when the certificate is about to expire and needs to be renewed.
Once you have the new certificate to be used, you must follow these steps to configure it in SealSign:
- Open SealSign administration web (http://server:portnumber/SealSignDSSWeb) as a SealSign administrator.
- On the left menu, under Centralized Keys, select the Server Certificates link.
- On the Server Certificates page, select the Import a new server certificate.
- On the File field, select the .pfx file of the new certificate. Type the .pfx password and select Remember Password. Click the Import button. The new certificate has been added to the SealSign database.
- Once the new certificate has been added, the next step is the TSA configuration. To do that, on the left menu of administration web, select the TSA Servers, under the Timestamp element.
- On the Timestamp Servers page, select the TSA name to be configured.
- Now, click the Select Certificate button and select the correct certificate in the popup window.
- Finally, click the Save button to store the new configuration.