Versions Compared

Old Version 4

changes.mady.by.user Josefin Klang (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Ylva Andersson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated link

...

Info

This article includes updates for Nexus Timestamp Server 2.3.0.

This article shows an overview of the Nexus Timestamp Server. Read more in this article: Nexus Timestamp Server.This Below is an illustration of a Nexus Timestamp Server system. It consists of two major components: one or more HTTP frontends and one backend.Image Removed

...

Timestamp services

Nexus Timestamp Server can contain multiple timestamp services. Such a timestamp service consists of one HTTP frontend, together with its configuration in the backend. A timestamp service has timestamp service has a policy which dispatches to filter chains composed by filters. Read  Read more about this here Description of filters in Nexus Timestamp Server and Filter chains used in Nexus Timestamp Server.

HTTP frontend

The HTTP frontend is accessed by the end-users (requesters). There may be any number of HTTP frontends in a Nexus Timestamp Server system. One frontend, together with its configuration in the backend, represents one timestamp service.

...

Nexus Timestamp Server includes a web interface with access to:

  • timestamp service administration

  • timestamp services

The web interfaces are addressed using URLs. Each functionality resides in a web application archive (“war”) file, located in the <install>/webapps directory.

Hardware Security Module

See Initialize Hardware Security Module in Timestamp Server.

Example scenario

...

Example A: A timestamp request

This scenario is simplified in that it does not describe any configuration, server setup or advanced features etc.

  1. The user or system, called requester, sends a timestamp request in accordance with RFC3161.

  2. The timestamp service detects if it is a timestamp request and if so redirects the request to the proper policy within the backend.

  3. The backend handles the policy and all the included filters according to the order in the configuration.

  4. The backend stores the information in the logs and database according to the configuration.

  5. After successful timestamp request a timestamp response is generated and sent back to the HTTP frontend.

  6. The HTTP frontend sends the timestamp response back to the requester.

Example B: An Authenticode timestamp request

This scenario is simplified Microsoft Authenticode Timestamp. 

  1. The user or system, called requester, submits an authenticode timestamp request following Microsoft’s guidelines for Authenticode Signature, utilizing Windows PowerShell.

  2. The timestamp service detects if it is an authenticode timestamp request and if so redirects the request to the proper policy within the backend.

  3. The backend stores the information in the logs and database according to the configuration.

  4. Upon successfully receiving an authenticode timestamp request, the timestamp service generates an authenticode timestamp response and sends it back to PowerShell.

...

...

  1. Subsequently, PowerShell writes the signature to the specified file.

Configuration details can be found in: Configure Authenticode Timestamp

Additional information

Expand
titleUseful links