Timestamping Signers

1. Log in to the Stream Administration Interface.

2. Go to Timestamping  Signers and click on add Timestamping Signer at the bottom of the page.

3. Fill in the fields to create a Timestamping signer that will sign Timestamping requests:

  • The Name of the Timestamping signer: a technical name to identify this signer.

  • The Keystore where to find the key for this signer.

  • The Key that this signer will sign with.

  • The DN of this signer, in X500 format with key=value separated by commas.

  • The Notification on signer expiration that will notify users via Email or REST.

4. You must then generate the CSR Generate CSR, sign it using your Timestamping CA, and upload the signed certificate back to Stream Upload Certificate

The certificate must be signed with the Key Usage digitalSignature (critical) and the Extended Key Usage timeStamping (critical)

5. The Timestamping Signer is now uploaded. Additional options are now available:

  • The Response Signing Algorithm, the hash algorithm that wil be used on responses signed by this signer

6. Click the Save button at the bottom of the page.