For more information and all parts of the series visit Introduction to eIDAS package for SignServer.
The SignServer with the eIDAS package is all you need in order to build the eIDAS compliant remote signing solution with the highest security standards. We have discussed in the previous articles of this series the basics of eIDAS perspective on signing, the role of the SignServer, ways to create eIDAS compliant signature formats, how to manage authentication and authorization, what are the different assurance levels for remote signing, and many additional topics.
Each solution needs to be administered and maintained over the course of time. Otherwise, we expose the solution to vulnerabilities or possible noncompliance due to the fast evolving technologies and standards. We have introduced the Dashboarding, Monitoring, and Reporting for the SignServer solution, however this article is dedicated to the management of the eIDAS SignServer instances, their effective management with minimum effort.
Stateless SignServer cluster
When you’ll deploy the eIDAS SignServer, there is a chance you’re going to utilize more than one instance. Whether the reason for it being performance, or high availability, you will need to deploy 2 or more SignServer instance to achieve a reliable and robust system solution.
Let have a look on what it means to build the SignServer stateless cluster.
SignServer can run as a stateless application. Meaning that once configured and deployed, it does not store any state information, and you can use the SignServer as a remote signature factory. With this approach it should be easy to prepare and deploy any number of SignServer instances per your needs, or scale the SignServer number of Workers based on the required performance.
Management of the SignServer
In order to properly manage and maintain the SignServer, you need to take care of the following:
- Database maintenance, backup and recovery procedures. The Database contains all information related to the configuration of the authorization or connections to the CAs, including configuration of all Workers and cryptographic keys that are wrapped and stored outside the HSM as cryptograms
- Application server maintenance, backup of the configuration and recovery procedure. It provides a basis for proper communication with the SignServer and interface access
- SignServer application configuration backup. To recover the SignServer instance, it is recommended to use the same configuration in order to ensure the consistency of the signed data and proper operation of the SignServer instance in a cluster
- Maintenance of the SignServer versions for a compatibility and consistency of signature produced. It is possible to run different versions of SignServer in the cluster. But these versions may have a different implementation of Signers that can cause inconsistencies in the result.
- Maintenance of the SignServer modules with the configuration, backup and recovery procedures. Modules can be developed by third parties and proper management of the modules is necessary in the case you would like to use them across the cluster
- Proper procedures for HSM integration, working with the private keys and certificates
Once you have all the above-mentioned covered, it is easy to scale the SignServer, upgrade the modules, or SignServer instances, without impact on the operations and without any downtime.
Marketplace for the SignServer
We have introduced a Marketplace for the SignServer. It helps to manage the state in the SignServer cluster and work with the modular architecture of the SignServer.
Listing of all available modules and simple overview of their purpose
Capability to Enable/disable different modules in the environment on the fly
Management of versions and update functionality for different custom modules
Integration with various sources of modules that are compatible
Easy subscription or purchase of commercial modules
Management of multiple SignServer deployments in clusters and synchronisation of modules
We will in the next chapter, how to connect the SignServer into the Marketplace and how to manage SignServer modules in the cluster.
SignServer state management
The Marketplace acts as a central management of the SignServer state. When the SignServer is connected with the Marketplace and authorized, you can view the current information about each SignServer instance, its version, list all modules and workers which are available to each particular instance.
It provides with the highest level of management capabilities for the remote signing solution:
When the SignServer is connected, you can start to manage modules of the SignServer. You see the list of all avaialble modules and there are few basic actions you can take:
- Enable/disable module – this is a non-destructive operation. Deactivation of the module will not remove the module from the instance. It is still available if you will decide to enable it back.
- Add/remove module – adding or removing the module will change the structure of the SignServer. Although modules have different dependencies, it is safe to remove the module without impact on other modules using the same dependencies.
There are also different view on the SignServer modules in the Marketplace to provide easy control on multiple SignServer in stance or only on one particular instance:
- View all available modules across all SignServer instance, take actions on all of them at once
- View available module for one particular SignServer instance, take actions on modules
SignServer management should not be hard
We believe that the technical solution should go hand in hand with the best user experience and easy maintenance. Therefore, we are committed to continuously work and improved eIDAS package and the SignServer eIDAS compliant application.
Our management platform provides you with quick access to remote signing capabilities. You can start providing secure and compliant signing service with confidence!