ADSS Server 6.9 release

Posted by Mike Hathaway on Oct 20, 2021 9:32:52 AM

On 4th October Ascertia launched the ADSS Server 6.9 release. This release is now available on the Ascertia Community for download. Please request access from your account team, if you have not already registered. 

ADSS Server is a full-featured, modular trust services platform built to deliver all of the essential trust services required by Enterprises, Trust Service Providers, or Global Governments. ADSS Server’s trust services can all be used with third-party trust infrastructures, making ADSS Server unique in the market. 

ADSS Server Release 6.9

ADSS Server 6.9 release developments

ADSS Server version 6.9 is a major product release with many new features and developments including:

External HSM Support for remote authorise signature creation certified to ETSI EN 419 221-5

  • In addition to Thales Luna, ADSS Server also supports Entrust nShield HSM’s for remote authorise signature creation certified to ETSI EN 419 221-5.  

IDP authentication/authorisation of remote signatures 

  • ADSS Server now supports external authorisation servers (IdPs) for authentication/authorisation of remote signatures

SCAL1, SCAL2 remote signing, and eSealing

  • ADSS Server now supports eSeals authorised using Sole control assurance level 2 (SCAL 2) and can now produce signatures and eSeals using Sole control assurance level 1 (SCAL1) in RAS/SAM services.

Elliptic Curve Support Updates

  • ADSS Server has been enhanced to support Brainpool and NIST curves for ECDSA keys.

Easier license file management

  • ADSS Server licenses are now managed using the ADSS Server Console, licenses are now uploaded or downloaded via a new License Manager section under Global Settings.

Important changes to ADSS Client SDK 6.9 and Auto File Processor 6.9

As of release 6.9, Ascertia ADSS Client SDK for Java and .Net and Auto File Processor will no longer ship with embedded iText libraries, customers must source iText 7 directly from the iText team, customers can use itextsharp.dll or iText.jar together with the ADSS SDK within their custom applications.

To ensure high-trust processing, we strongly recommend customers use an ADSS Signing Gateway this ensures security policies are set and tightly controlled, all requests and responses are logged, and that changes cannot be made to signature policies.

Using the ADSS Signing Gateway, customers are able to make a secure connection and access the signing profile and signing keys that are explicitly defined.  Client TLS/SSL certificates are used to communicate with the external signing service, which is also managed by the ADSS Signing Gateway and thus not exposed within the toolkit, ensuring better security management for this authentication key (and cert).

full list of ADSS Server 6.9 features can be found here.

Further announcements about the upcoming releases of SigningHub and ADSS Web RA Server will be coming soon.

For ADSS Server SAM Appliance customers, ADSS Server version 7.0 will be the software release that will be inside the SAM Appliance. There will be a separate upgrade process that will be communicated to all SAM Appliance customers nearer the time.

If you don't have access to the Ascertia Community, you can request this from your account team. If you need upgrade assistance or a system health check, talk to your account team about Premier Success Services.