What's New: ADSS Server v4.5.6
ADSS Server v4.3 breaks new ground in a number of important areas. It reconfirms Ascertia position as the number 1 company for signature creation and verification.
We are continuously listening to our customers and partners and delivering features which matter the most to you (so don’t forget you can send us your feedback here
- ADSS Signing and Verification services have been enhanced by: (a) Providing support for PAdES signatures based on ETSI PAdES standard (TS 102 778); (b) Providing extended support for XAdES and CAdES specifications; (c) Supporting the creation of PDF signature fields using X/Y coordinates (OASIS DSS-X profile)
- ADSS Verification, SCVP and XKMS services have been extended to support PKITS compliant path discovery and path validation. The Verification and XKMS services have also been enhanced to extend support for detailed PEPPOL requirements.
- A new ADSS Verification Gateway Service has been introduced as a licensed option within ADSS Server. This new service replaces the original ADSS Gateway software. Managed service providers need such Verification Gateways to allow clients to protect their data privacy by extracting the document signatures and sending only these for external verification.
- A new time drift check facility allows ADSS Server to check that server system time is acceptably accurate by cross-checking with a list of trusted NTP servers. If predefined thresholds are exceeded then ADSS Server (a) warns operators about the unacceptable time drift and can then (b) stop all services.
- The ADSS Server installation wizard now installs three different ADSS Server components, namely (a) the Core service, (b) the Console service and (c) selected Service modules. Each of these components uses a separate Java Virtual Machine to provide better resource management for high performance systems. Administrators can choose to install these components on just one single system or on separate physical or virtual machines.
- ADSS Signing, Verification, XKMS, Certification and LTANS services have been extended to support SOAP v1.2.
- ADSS Verification and XKMS services have been enhanced to support enveloping XML signatures in request and response messages. The ADSS XKMS Service additionally supports detached XML signatures in request and response messages.
- The ADSS TSA Service has been enhanced to support ESSCertIDv2 Update for RFC 3161.
- ADSS Server home screen alerts have been enhanced such that the hyperlink only shows those records which are relevant to the specific alert.
- Management reports have been added to the XKMS, SCVP and LTANS service modules which provide different levels of graphical and tabular reports on service usage in real-time. Reports can be exported in PDF format or as CSV files.
- The ADSS Trust Manager module has been enhanced in these ways: (a) When deleting a CA, if the CA is used elsewhere then the references to it are shown so that an administrator can confirm or cancel the delete request; (b) Validation policy configurations can now allow the real-time downloading and caching of CRLs and use them to validate certificates issued by a registered CA – this is particularly relevant when checking certificates issued by Entrust CAs that feature partitioned CRLs; (c) When registering a new CA the Friendly Name offered uses CA certificate common name by default to save time and mistakes - the default value can be used or changed as required; (d) When adding CRL resource addresses for a CA, a certificate it has issued can be identified so that all the CDP addresses are automatically read and added to the CRL resource list - this saves operator time and prevents typing mistakes; (e) A hierarchal view of registered CA certificates is now provided that shows chained certificates in a tree structure. The old classic view is still available if required.
- When deleting a key within Key Manager, if the key is used anywhere within the ADSS Server, the references to it are shown so that an administrator can confirm or cancel the delete request.
- CRL Monitor now allows the administrator to manually update a CRL without first turning off CRL polling within Trust Manager – this saves operator time when configuring a system.
- Wild card search is now available in various ADSS Server modules.