Document toolboxDocument toolbox

Configure server-side card operations in Identity Manager

This article is valid for Smart ID 20.11 and later.



Typically, card operations in Smart ID Identity Manager are performed on the client machine. However, there are use cases where it is necessary to perform card operations on the server-side, executing encodings with the JPKIEncoder or Nexus Card SDK. Examples are card operations using a Nexus IDBox, card encodings using a tunneling server or card operations for network smart cards. Any created certificates are persisted in Identity Manager exactly as with client-side card operations. The card operation can be triggered by a user or a BPMN timer.

Configure Identity Manager

The Card SDK needs the Identity Manager URL in order to make sure its JPKIEncoder is up to date. A JPKIEncoder running as an external process (through Card SDK or standalone) needs the Identity Manager URL in order to request certificates from the Certificate Authority (CA).

To configured it:

  1. Log in to Identity Manager Operator as an administrator.

  2. Go to Admin > Configure System Properties > serverContext > PRIME Server URL.

  3. Set this to Identity Manager's base URL, for example, https://example.com:8443/prime_explorer

  4. Log in to Identity Manager Admin and create a new process as described in Set up process in Identity Manager.

  5. Add a new Service Task to your process, and go to its edit menu:

    1. Set the Delegate Expression to "${serverSideCardOperationTask}" 

    2. Add a parameter named "encodingName" with the name of the encoding as a value.

    3. Optional: Add a parameter named "cardSDK". Set it to "true" if you want to use the Card SDK for card operations. By default the internal encoder is used.

Configure production component

The Card SDK URL defaults to http://localhost:54880. You can change that in system.properties to, for example, the default HTTPS port of Card SDK (54881):

system.properties

cardSdkService.url = https://localhost:54881

Additional information





Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions