search

Post-installation steps

Please review the following post-installation instructions for SigningHub:

circle-info

  1. After installation or upgrade, it is strongly recommended to review the "Important System Changes" section of the release notes to understand environment, configuration, and feature-level impacts.

hashtag
Post-installation steps

  • After installing SigningHub Enterprise, provide read/write access to the IIS_IUSRS user on the Document Storage Directory if it is created on a network path.

  • If the ADSS Signing Server is installed with Windows Authentication, ensure the following services are running, in the Windows Services Panel, under a domain user; otherwise, the services may fail to start:

    • Ascertia-ADSS-Console

    • Ascertia-ADSS-Core

    • Ascertia-ADSS-Service

  • If IIS bindings have been modified, update the baseURL and localGatewayURL values in the env.js file. Refer to the application settings section for detailed instructions.

  • If Content Security Policy (CSP) is enabled, update the placeholder URLs in the CSP header to match your configuration. Refer to the security section for detailed instructions.

hashtag
Regular release post-installation steps

circle-info

  1. Even for regular releases, upgrades may introduce changes to directory structure, services, and configuration files. The following steps must be reviewed after upgrading.

  2. SigningHub v10.0.4 or above must be upgraded from v10.0.3. Customers should first upgrade their existing installation to v10.0.3 before proceeding with the upgrade. Direct upgrades from earlier versions are not supported and should be avoided.

  • Post-upgrading SigningHub v10.0.3:

    • The Regular Release package becomes the actual installation directory instead of updating the existing v10.0.x/8.6.x installation folder. This behaviour differs from previous Regular Release versions and should be considered when planning upgrades.

    • All existing refresh tokens must be cleared from the database, as the system has transitioned from using OWIN-based access tokens to JWT tokens.

    • The 'Require SSL' setting in IIS must be disabled for existing Admin websites.

    • Ensure read/write access is provided to the IIS_IUSRS user on the Document Storage Directory if it is hosted on a network path.

    • Since SigningHub Admin is now API-based, the Admin-API does not inherit existing IIS site bindings. A new IIS website is created by the installer using the server hostname by default; this hostname must be updated to match the deployment environment. Ensure read/write access is provided to the IIS_IUSRS user for the new admin-api directory. If a service account is configured for other existing sites, apply the same configuration to this site.

    • The URL of the SigningHub Admin API must be specified in appsettings.Production.json. Refer to the application settings sectionarrow-up-right for details.

    • The URL of the SigningHub Admin API and SigningHub Admin must be specified in the env.js. Refer to the application settings sectionarrow-up-right for details.

    • Log in to SigningHub Admin, navigate to Configurations > Global Settings > General, and verify/update the Admin-API URL.

PreviousChange database credentialsNextUninstalling SigningHub enterprise

Last updated

Was this helpful?