Configure Content Signing Service
DigiCert® Document Trust Manager signer credentials
Content Signing Service license
Document Trust Manager datasheet (provided by DigiCert®)
Docker
Ascertia Go>Sign Mobile application lets you securely authorize and approve the signing of documents in the European Union (EU) and Switzerland (CH).
참고
You can configure one device per user.
Download Ascertia Go>Sign Mobile application on your mobile device.
Select the Settings icon.
Select Scan QR Code to scan the QR code in your email or manually change the default server to:
CH
EU digital signature
EU eSeal
Select Save.
Return to the main screen and add the user ID provided in your email.
You receive one-time passwords (OTP) via email and text.
Enter both OTPs in the Go>Sign Mobile device registration screen.
Select Verify.
Once you sign a document, you're prompted to confirm your identity in Go>Sign Mobile.
The certificate chain you download contains certificate chain, intermediate certificate, and root values. You require these values to configure Postman.
Sign in to DigiCert ONE with your signer credentials.
In DigiCert ONE, in the Manager menu, select Document Trust.
In theDocument Trust Managermenu, select Credentials > All credentials.
Select the credential nickname with which you want to sign.
In the Credential details page, navigate to Certificate details.
Select Download certificate chain to download certificate chain, intermediate certificate, and root.
Open the downloaded certificate chain in a text editor such as Notepad++ and save the file.
Configure your Postman account to test, and manage DigiCert® Document Trust Manager API requests.
1. Download Postman collection
Download Postman collection for DigiCert® Document Trust Manager with Content Signing Service.
2. Import Content Signing Service files into Postman
To import files into Postman, follow these steps:
Open Postman.
In the Postman window, select Collections (left menu) > Import.
Drag your downloaded and unzipped Collections files into the Postman window to import them.
Select Environments > Import.
Drag your downloaded and unzipped Environments files into the Postman window to import them.
3. Set up Postman environment
참고
You need previously downloaded credential certificate, certificate chain, and Document Trust Manager datasheet to set up your Postman environment.
In the Postman window, select Environments (left menu) > Content Signing Service Content Signing Service Environment.
Set variable values from the datasheet.
Enter the values from the Access section in the datasheet in Current Value column as shown:
Variable
Current Value
Notes
base_dcone_url
Service URL
Remove “/documentmanager” from the URL
client_id
Client ID
client_secret
ClientSecret
oauth2_url
Service URL
Include “/documentmanager” in the URL
Set certificate chain values.
Enter the values from the downloaded certificate chain in the corresponding Current Value column as shown:
Variable
Current Value
cert_chain1
Certificate Chain
cert_chain2
Intermediate Certificate
cert_chain3
Root
Select Save icon.
URLs of the timestamp authority you use to sign documents in the Register document API call step are:
For use with Swiss certificates | http://ts.quovadisglobal.com/ch |
For use with EU certificates | http://ts.quovadisglobal.com/eu |
Download and install Docker.
Open Docker.
Download and save the Docker Image from the TGZ file.
Open the folder where Docker Image is saved, then open command prompt.
Stop and remove any running containers of Content Signing Service, if already installed:
If running in a single container:
```bash docker stop content-signing-service docker rm content-signing-service ```If running in multiple containers (use the old docker-compose file used for scaling):
```bash docker compose -f docker-compose.yml down ```Run commands:
```bash docker load --input './content-signing-service.tar.gz' ```
To persist the data of the database and logs, create docker volume by running the commands:
```bash docker volume create --name=content-signing-service-data docker volume create --name=content-signing-service-logs ```
Give mandatory Environment Variables:
API_KEY: API KEY for validating the license.
DTM_BASE_URL: Document Trust Manager base URL.
Run Content Signing Service
To run Content Signing Service:
```bash docker run -d -e API_KEY=<<API_KEY>> -e DTM_BASE_URL=<<DTM_BASE_URL>> -v content-signing-service-data:/app/db -v content-signing-service-logs:/app/logs -p 8080:8080 --name content-signing-service ```
Customize Docker as per your requirements:
Custom port number
Default service port is 8080. To modify the port number:
```bash docker run -d -e API_KEY=<<API_KEY>> -e DTM_BASE_URL=<<DTM_BASE_URL>> -p <<DESIRED_PORT_NUMBER>>:8080 --name content-signing-service content-signing-service ```
Database
Data is stored temporarily by default. To make data persistent, write the database file to docker volume by running command:
```bash docker volume create --name=content-signing-service-data docker run -d -e API_KEY=<<API_KEY>> -e DTM_BASE_URL=<<DTM_BASE_URL>> -v content-signing-service-data:/app/db --name content-signing-service content-signing-service ```Logs
Logs are stored temporarily. To make logs persistent, use docker volume by running command:
```bash docker volume create --name=content-signing-service-logs docker run -d -e API_KEY=<<API_KEY>> -e DTM_BASE_URL=<<DTM_BASE_URL>> -v content-signing-service-logs:/app/logs --name content-signing-service content-signing-service ```
Log levels are set to *`INFO`* by default. To modify, update the environment variable by running command:
```bash docker run -d -e API_KEY=<<API_KEY>> -e DTM_BASE_URL=<<DTM_BASE_URL>> -e root_log_level=<<DESIRED_LOG_LEVEL>> -e app_log_level=<<DESIRED_LOG_LEVEL>> --name content-signing-service content-signing-service ```