acceptContactUrl

https://host/frigg/login/#/contacts

the url for accepting contact requests (Contact page)

X

invitationUrl

https://host/frigg/Registration.html

the url for user registration and invitation

X

loginUrl

https://www.websignatureoffice.com/Login.html

the login url (used for redirecting)

X

passwordResetUrl

https://host/frigg/PasswordReset.html

the url for the password reset page

XsignatureRequestUrl

the url for signature requests

signatureRequestUrl

https://host/frigg/login/#signature_request

Deprecated! Replaced by viewer_url and process_url; (the url for signature requests)

(X)

verificationUrl

https://host/frigg/Verification.html

the url for the verification page

X

database_connection_properties=sslMode=trust

database_connection_properties=sslMode=trust;someOtherProperty=false

These properties are used to enable SSL encryption for the connection. sslMode can be trust, verify-ca or verify-full.

Several connection properties can be added as a semicolon seperated list. These properties are appended to the JDBC URL, as shown below:

jdbc:mariadb://localhost:3306/frigg?sslMode=trust&someOtherProperty=false

https://mariadb.com/docs/server/connect/programming-languages/java/tls/

database_host

192.168.5.57

the database host (IP or hostname)

X

X

database_jndi

java:comp/env/jdbc/FriggDb

the jndi database source

X

X

database_master

frigg_master

Name of the master database, which manages sequences and tenants in multitenant mode. Default: frigg_master

X

X

database_migrate

true/false

true or false. If true, flyway database management is activated

X

database_name

frigg

the database schema name

X

X

database_password

kjssdduiwe832//6?!

the database password

X

X

database_port

1521

the database port

X

X

database_service_name 

FRIGG

the database service name (for Oracle connection)

X

X

database_sid

xe

the database SID (for Oracle connection)

X

X

database_type

mysql

mysql or oracle, the database type (default mysql)

X

X

database_user

dbuser

the database user

X

X

db_pool_max_wait_millis

5000

specifies the maximum time in milliseconds that the connection pool should wait for a connection to be returned before throwing an exception. The default value is 5000.

X

X

db_pool_max_total

100

specifies the maximum number of connections that the database pool can have simultaneously open. The default is 100.

X

X

db_pool_max_idle

20

specifies the maximum number of idle database connections to be maintained in the pool at any given time. The default value is 20.

X

X

db_pool_min_idle

5

specifies the minimum number of idle connections that should be maintained in the connection pool. This property is used to ensure that a sufficient number of connections are available in the pool at all times. Default is 5.

X

X

db_pool_max_conn_lifetime_millis

600000

specifies the maximum lifetime of a database connection in the connection pool. Default is 60000.

X

X

deactivate_db_ping

true

true or false, deactivates validation check for the db connection (default false)

X

X

storage_db_init_directory

admin_email_notifier

somebody@host.com;someoneelse@host.com

a list of recipients who are informed when accounts are charged with help of the admin functions or when user bought credits

X

emailExcludedTypes

signature_request_finished

List of mailtypes which are excluded. See i) Email Configuration for details.

X

emailFrom

system@webSignatureOffice.com

the from mail header added to emails sent by the system

X

emailPort

25

the smtp port

X

emailHtmlOnly

true

Only send html mail (no text mail). Default is true.

X

emailRetries

5

how many times the mailer retries to sent an email

X

emailSendToRegisteredUsers

user_finised;signature_field_signed

Semicolon seperated list of mailtypes. If a mailtype is present in the list, the email will be send to all registered users of the signature request. If it is not present, the email will only be send to the signature request creator.

Possible mailtypes:

• signature_field_signed

• signature_field_rejected

• user_finished

• envelope_user_finished

Default: Only creator receives email.

X

emailSmtp

hostname.domain or "false"

the smtp server used to sent mails. If set to "false", sending mails will be deactivated entirely.

X

emailSmtpPassword

password

the smtp server password

X

emailSmtpUser

smtpuser

the login for the smtp server

X

emailTls

false

true or false, enable or disable TLS (encryption)

X

guest_email

guest@websignatureoffice.com

the email pattern for guest email addresses (default guest@websignatureoffice.com)

X

invoice_mail_recipients

somebody@host.com;someoneelse@host.com

a list of recipients who receive a copy of all invoices created by the system (for credit purchase)

X

mail_password

oekopostpassword

the password for the mail verification account (https://www.oekopost.de/developer/)

X

mail_user

oekopostuser

the user for the mail verification account (https://www.oekopost.de/developer/)

Xoekopost_test

If

smsPassword

true, the phone number is obfuscated in. e.g. +49170XXXXX111

oekopost_test

true

If present, mail verification will be simulated by email.

smsPassword

smspassword

the sms account password (for the sms delivery feature) (www.massenversand.de)

X

smsSender

stepover

the name displayed as sms sender (for the sms delivery feature)

X

smsUserId / authToken

4327634 / 1ED33261VI0I6659347456B

the sms account user id or authToken (for the sms delivery feature)

X

sms_token_characters

the characters used in a sms token. possible values:

• numerical: just numbers

• alphanumerical: capital letters and numbers

• alphanumercical_casesensetive: Uppercase, lowercase letters and numbers.

sms_token_length

The length of the sms token when opening a sms protected document / envelope.

support_email

support@websignatureoffice.com

the email address for support notifications / inquiries. Contains a semicolon seperated list of email addresses.

X

userBrandingSupportMail

de

"de" or "us". The language of the support mail, which will be sent to the email addresses defined in support_email. Additionally a copy of the support mail will be sent to the user.

X

accounting_period

monthly

the interval a new sms token must be obtained to open a sms token protected document. Possible values:

• ONCE: The sms token must only be obtained and entered one time to unlock the document
• ALWAYS: A new sms token must be obtained and entered everytime the document is opened.

smsSender

stepover

the name displayed as sms sender (for the sms delivery feature)

X

smsUserId / authToken

4327634 / 1ED33261VI0I6659347456B

the sms account user id or authToken (for the sms delivery feature)

X

sms_token_characters

the characters used in a sms token. possible values:

• numerical: just numbers

• alphanumerical: capital letters and numbers

• alphanumercical_casesensetive: Uppercase, lowercase letters and numbers.

X

sms_token_length

The length of the sms token when opening a sms protected document / envelope.

X

support_email

support@websignatureoffice.com

the email address for support notifications / inquiries. Contains a semicolon seperated list of email addresses.

X

userBrandingSupportMail

de

"de" or "us". The language of the support mail, which will be sent to the email addresses defined in support_email. Additionally a copy of the support mail will be sent to the user.

X

accounting_period

monthly

defines the interval of accounting periods. One of

• false (no accounting periods)

• daily

• weekly

• monthly

• quarterly

• yearly

X

cash_account_name

stepover_cash_account

the name of the cash account, matches db name column in accounting_account table (for credit handling)

X

credit_eur_value

0.85

the vlaue of one credit in EUR

X

credit_usd_value

0.95

the value of one credit in USD

X

credit_free

3

how many free credits are given initially (after registration)

X

credit_free_monthly

3

the amount of free credits per month

X

credit_signature_request

1

value how many credits one signature request costs ('0' for no credit charge)

X

credit_mail_identification

10

value how many credits a mail identification costs

X

credit_sms_identification

1

value how many credits a sms identification costs

X

has_license

false

true or false, usage for licence model (valid license file required)

X

paypal_client_id

paypal client id

X

paypal_url

The paypal api URL. Default "api-m.paypal.com/v1"

X

paypal_secret

paypal secret

X

api_id_iv

ghksau981ghksau9

a secure random iv is created and stored in the db on server startup (recommended). This value is used for url data encryption. This mechanism can be overridden by setting a static 16 character long string. When used api_id_key also has to be set.

X

api_id_key

zeuwipahsjd6389a

a secure random key is created and stored in the db on server startup (recommended). This value is used for url data encryption. This mechanism can be overridden by setting a static 16 character long string. When used api_id_iv also has to be set.

X

app_signature_certificate_filename

d:\frigg\data\app_signature_public.der

the certificate path for the app signature with token authentication

X

app_signature_certificate_password

dsf433dreE&%

the certificate password for the app signature with token authentication

X

app_signature_certificate_private_key_filename

d:\frigg\data\app_signature_certificate.pfx

the certificate private key path for the app signature with token authentication

X

enduser_certificate_duration

36

the lifetime of user certificates in months

X

enduser_certificate_key_length

2048

the length of the create user certificates

X

external_certificate_provider

nebula

semicolon seperated list of external certificate providers. currently supported: nebula (nebulaSUITE)

X

guest_certificate_password

kkwJk34$ldP%

the guest certificate password (for non-registered webSignatureOffice user certificates)

X

X

intermediate_certificate_filename

/frigg/data/cert.pem

the full path to the intermediate certificate for user certificate creation

X

intermediate_certificate_password

sduiSUm7$%&hJ

the intermediate certificate password

X

intermediate_certificate_private_key_filename

/frigg/data/cert_private.pem

the full path to the internmediate certificate private key

X

nebula_exclude_authenticators

MAIL;SMS

semicolon seperated list of authentication methods. The listed methods won't be usable. Default: All methods allowed.

X

notaryInfo

\n======================( NotaryInfo )====================== \n \nSomebody 

the notary info added to a biometric signature

X

notary_public_key

dshkskdhNSSKhjadsbndskKJHKHSAK \
DGHgdhjdsgJHDDSHJGdshdshdJDHDSJH \

the public key base64 encoded that is assigned new registered users. This key is used by the web signature office apps and HTML-Signer.

for more information see Notary Key

X

notary_public_key_hash

dskhdksjhds89s8djdshkjhsd7987987dsdssd

deprecated

a md5 hash of the public key

X

notary_sha1_fingerprint

dgdfgdfgffffffffffffffffffffffffffffffff

a sha1 hash of the certificate of the notary_public_key. It is configured in braga and used to check if the certificate configured in frigg coresponds to the hash.

for more information see Notary Key

X

openssl_run_directory

c:/temp

the path to a folder in which openssl can run

X

rsa_encryptor_access_allow

https://somehost.stpover.de

if the rsa encryptor is accessed from a host that gets blocked because of cors, or access should be restricted, the Access-Control-Allow-Origin header can be set with this value, default is *.

rsa_encryptor_public_key

deprecated

Public key for the RSA encryptor for encrypting biodata.

If not present, the notary_public_key is used.

for more information see Notary Key

X

rsa_encryptor_url

https://host:8444/RsaEncryptor/encode

deprecated

the url of the RSA encryptor used by the html signer, if no value is set the default RSA encryptor of the frigg module is taken

X

tsaServer

http://somehost.de/tsa

The Timestamp Authority Server used to set the signing time, braga. If not set, no timestamp 

multitenant

true / false: activates multitenant mode.

X

X

multitenant_admin_key

Administrator authorization for adding new tenants. This string has to be sent with the POST request to create a new tenant.

X

multitenant_host_ip

ip of the multitenant host

X

api_deactivate_request_signature

true/false

If true, no X-SOSIGNATURE header is necessary.

Only for testing!

X

X

api_id_cache_expire_minutes

15

the decrypted ids are kept in a cache to improve performance. This defines the time till the value expires, default is 10 minutes

X

api_id_cache_max_size

5000

the decrypted ids are kept in a cache to improve performance. This defines the maximum capacity, if reached values are removed, default 1000

axis_request_timeout

deprecated

the braga request timeout in milliseconds (default 240000)

X

axis_server_context

/braga

The folder inside which the braga app is deployed (default empty)

X

axis_server_ip

192.168.5.56

the IP or hostname of the braga server

X

axis_server_port

8080

the braga server port (default 8080)

X

axis_server_protocol

https

https or https, the protocol used for the braga server (default http)

X

braga_create_copy

true

creates a copy of the PDF without biodata (if flag is true); default false

X

braga_render_dpi

200

the dpi with which pages are rendered (default is 200)

X

cookie_name

SOSESSIONID

the cookie name for the session cookie

X

cookie_path

/

the cookie path

X

file_upload_max_file_size

20480

the maximum upload size in bytes

X

guest_user_document_availability

60

The time a document / envelope is available for a guest user (email guest user link). The timespan is the config setting + the signature_request due date. 

logging_debug

true

enables extended logging for debugging (default false)

X

memcached_port

11211

the memcached port

X

X

memcached_server

192.168.5.57

the ip or hostname of the memcached server if memcahe is used

X

X

memcached_sessions

true

true or false, the switch if memcached should be used for session managemeant

X

X

org_quartz_properties

quartz.properties

the name of the quartz scheduler configuration file in the classpath (for the automated jobs)

X

pdf_render_max_render_threads

4

the max number of render threads

X

process_pool_timeout

120000

timeout for a process from the process pool in milliseconds (default 120000)

X

render_strategy

AllPages

the strategy used to render the pdf pages, possible values are OnlyPagesWithSignatures, AllPages, FirstTwoAndPagesWithSignatures. Default is FirstTwoAndPagesWithSignatures

X

request_lifetime

7200

the request lifetime in seconds.

X

rest_api_allowed_hosts

localhost,192.168.5.2,192.168.5.5

the allowed hosts for the communication with the REST API (Cross-Origin-Requests)

X

session_sync

60

session sync interval in seconds (memcached)

X

session_timeout

6000

session timout in milleseconds (browser and tyrservice session)

X

X

storage_home

X:/data/

the full path for storage of documents and certificates (BRAGA)

X

storage_mode

soll rein? description korrekt? --->

storage mode of braga, possible values:

• db: files are stored in database

• dbWithFallback: files are stored in db. If entry is not present, filesystem will be used

• file: files are stored in filesystem

X

X

tracking-header

x-idheader

the name of the http header used for the additional tracking id logging. Default is x-tracking

X

url_handler_key

jdksleuwiojdksleuwio67

on server startup a secure key is created for url encryption and stored in the db (recommended). This mechanism can be overridden with this static 32 character long string.

X

webso_events_url

https://www.testserver.com/CallbackServlet

WebSignatureOffice can be configured to call an URL on certain events. This functionality is activated by setting the URL to be called in the config.ini

Further configuration options are:

webso_events_filter:  a semicolon separated list of events that should be fired, if this option is not set, all events are fired. (e.g. STATUS_CHANGE;USER_FINISH)

webso_events_keys: a semicolon seperated list of HTTP-request property keys for the webso_event execution (e.g. user;pass) 

webso_events_values: a semicolon seperated list with corresponding values for the webso_event_keys (e.g. stepovercallback;strongPassword) event_keys and events_values must be in the same order

webso_events_retry: the time waited in milli seconds untill the event call is repeated. (e.g. 10)

For more information, please check: e) Callback-API

X

file_upload_url

https://host/fileUpload/fileUpload

the url for the file upload (via tyrservice) (deprecated)

(X)

max_message_size

20480

the max tyrservice message size (optional value)

X

tyrservice_debugging

true

true or false, enables an extended logging for tyrservice classes (if no value is set the default is false)

X

tyrservice_public

false

true or false, wether the public tyrservice services should be available, public services only use the adhoc code for authentication

X