Advanced Configuration
This section describes advanced configuration and administration of Validation Authority and is intended for administrators who are already familiar with the concepts of a Public Key Infrastructure (PKI), OCSP, SCVP, and underlying cryptographic principles.
Most of the common configuration options for Validation Authority can be managed through the initial Validation Authority Configuration utility and the Management Console.
For more advanced configuration of Validation Authority, there is a collection of XML-based configuration files that can be manually edited to configure the server environment.
Each of these configuration files is documented in detail below. All paths are relative to the base directory of the Validation Authority installation as follows.
-
On Windows:
-
\Program Files\HID Global
Or
-
\Program Files\HID Global
-
-
On Linux:
-
/opt/hidglobal
-
Configuration files:
| File | Content |
|---|---|
| server/WEB-INF/conf/audit.bml | Setting for audit logging. |
| server/WEB-INF/conf/basic-ocsp.bml | Settings for generating OCSP responses using the Direct OCSP Interface. |
| server/WEB-INF/conf/basic-ocsp-list- gen.bml | Settings for generating OCSP response lists. |
| server/WEB-INF/conf/model.bml | Specifies how credential data is stored in the database. |
| server/WEB-INF/conf/reports.bml | Settings for database queries that extract reports. |
| server/WEB-INF/conf/ocsp-event-logger.bml | Specifies OCSP request logging settings for the Validation Authority Direct OCSP interface. |
| server/WEB-INF/conf/scvp-event-logger.bml | Specifies SCVP request logging settings for the Validation Authority Direct SCVP interface. |
| server/WEB-INF/conf/mini-crl-list-gen.bml | Specifies settings for miniCRL generation. |
If any of these files are manually edited, then Validation Authority must be restarted for the changes to take effect.
Topics in this section:
