The below instructions are intended for administrators who need to globally set up the access certificate required for digital signing, access certificate location and password or IP based access. To prevent the end users from changing these settings we will also explain how to lock global settings with the lock parameter.
Step 1: open digidocpp.conf
Open the global config file digidocpp.conf, located here:
- Windows – C:\Program Files\Open-EID\digidocpp.conf
- Linux – /etc/digidocpp/digidocpp.conf
- macOS - /Applications/qdigidoc4.app/Contents/Frameworks/digidocpp.framework/ Resources/digidocpp.conf
Step 2: find the rows necessary for the change
Global configuration of the access certificate requires the information in pkcs12.cert and pkcs12.pass to be changed – to do this, search for the following rows in digidocpp.conf:
Then remove the comment marks and
- configure the path to the file of the access certificate received from SK, which has the extension .p12 (parameter pkcs12.cert)
- UNC path and quote marks not allowed!
- configure the password of the access certificate received from SK, which has the extension .p12 (parameter pkcs12.pass)
To prevent end users from inadvertently changing the access certificate settings for DigiDoc4 Client (password, file location), the global settings can be locked with the “lock” parameter:
Configuring IP-based access
To configure IP-based access, find the following row in the digidocpp.conf file:
- remove the comment markings and
- replace the words false (2x) with the word true and save the changes
Now the DigiDoc4 Client is set up to use IP-based access. If the end-user changes the settings, the lock parameter will make it revert to IP-based access the next time the DigiDoc4 Client is launched.
Note: If the ID-card software is updated, the data in the digidocpp.conf must also be updated.