
 

This document is written in English only

 


Tip!
This documentation applies only to the .NET version of Buypass Access Manager. It describes, for the person responsible for the LRA in the organization, how to set up and configure the LRA.

 

Configuration Application is a standalone application that provides a GUI for the configuration XML file. It is located in the same directory as the installed LRA Client. The name of the executable is ConfigurationApplication.exe.

From v3.4 the default setup folder is named Buypass Access Manager, so the path has changed from:

Windows x32 – Program Files\Buypass\Lra Client

Windows x64 – Program Files (x86)\Buypass\Lra Client

To:

Windows x32 – Program Files\Buypass\Buypass Access Manager

Windows x64 – Program Files (x86)\Buypass\Buypass Access Manager

 

A link to ConfigurationApplication.exe is also placed in the Start menu (Windows 7).

 

The TEST button in the GUI of the LOCAL and MASTER configuration tests the actual parameters. Remember to save if any of them are red before exiting the application.

Configuration application logs are stored in a separate log file: {ApplicationFolder}\Logs\configuration.trace.log

Navigation

Use the TAB key to navigate between tabs, fields and buttons. To get to the menu, use the ALT key. Use the arrow keys to navigate between options in menus and tabs. Most controls have tooltips with an additional description; move the mouse pointer over the parameter to see it.

 

 

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Application menu | Available functions: (1) open configuration file by OpenFileDialog; (2) create new local/master config; (3) exit application |
| #2 | Configuration file tabs | Lists open configuration files |
| #3 | Configuration file path | Absolute URI of configuration file |
| #4 | Tab control | List of tabs for the parameter subgroups |
| #5 | List of parameters | - |
| #6 | Tool tip | Help tooltip with additional info about the parameter pointed at |
| #7 | Revert button | Reverts all changes on all tabs with parameters of the edited file |
| #8 | Save button | Saves all changes to the file |
| #9 | Save as button | Saves the file with the latest changes to another file |

 

Local Configuration

The local configuration file contains parameters that may be specific to each LRA client station. This file is usually stored locally.

Local_Common

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Master configuration | Path to master configuration file. Contains two functions: (1) select file on disk by native SelectFileDialog; (2) open selected master configuration file |
| #2 | Language | Language used in GUI for labels and guidelines.* |
| #3 | Place | Place or address of the organization, written in all generated PDF documents. If the organization has several LRA clients situated in different locations, Place can show which location. |

* For test purposes you can use a special mode that shows key values in place of all localized strings. To set this mode, open the local configuration XML file and type “de-DE” in the Culture field.

 


Smartcard

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Refresh list of available readers | Gets list of readers connected to LRA station |
| #2 | Combo box for assigning readers | |
| #3 | Test selected readers button | Checks access to readers (and secure features if needed) |

 

Scanner

 

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Scanner device ID | Gui format |
| #2 | Choose scanner button* | Shows native dialog to select a scanner from those available on this machine |
| #3 | Test scanner button | |

* Windows Image Acquisition (WIA) service must be started on client PC.

 

Logs

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Severity | Desired severity for default log (trace.log file in the app directory): (1) Verbose - debugging trace; (2) Information - non critical problem; (3) Warning - Informational message; (4) Error - Recoverable error; (5) Critical - Fatal error or application crash |

 

SignPad

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Test SignPad button | Ensures SignPad is accessible. |

 

Test all tabs for local config

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Test all button | Tests all devices with current settings and shows aggregated results. |
| #2 | Test result area | - |

 

 

Master Configuration

The master configuration file contains parameters that are common to all LRA stations within one organization. This file is usually stored in a shared area.

Common

| Id | Description | Comments |
| --- | --- | --- |
| #1 | LRA mode | Different configurations of LRA-client: Local issues local certificates only, Buypass issues qualified certificates only, and Mixed issues both local and qualified certificates. Mixed mode is the default value. Unnecessary tabs will be disabled in the left panel. |
| #2 | Company name | Name of the organization, written in all generated PDF documents. If the organization has several LRA clients situated in different locations, the name can show the department. |

 

 

Smartcard

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Local certificates key length | Defines the certificate size generated on the smartcard. Valid values: (1) 0x80: 1024 bits = 128 bytes; (2) 0xC0: 1536 bits = 192 bytes (default); (3) 0xE2: 1808 bits = 226 bytes; (4) 0xFE: 2032 bits = 254 bytes. Value chosen must be in compliance with key length in template. |

 

Active directory - common

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Domain | Defines the name of the domain controller. Example: testdc:389 |
| #2 | Search base | Defines the search path for searching for Users in AD. Different OUs (directories) in AD can be defined and included.* |
| #3 | Use nested groups | If Users are connected to user groups in AD which in turn are linked to the certificate groups, rather than each User being linked directly to one or more certificate groups, this checkbox must be ticked. |
| #4 | Test backend button | Ensures AD is accessible. |

 

*) Search Base

Active Directory allows administrators to create a hierarchy within a domain that meets the needs of their organization. The object class of choice for building these hierarchies is the class organizationalUnit, a general-purpose container that can be used to group most other object classes together for administrative purposes. An organizational unit in Active Directory is analogous to a directory in the file system; it is a container that can hold other objects.

To define the path to the SearchBase OUs you need to construct the entire distinguished name by following references to the root. Use (*) when a recursive search is needed. Several SearchBases are supported, separated by semicolons.

For example: we have this Active Directory structure:

  1. If you need to search only in testOU_1 and not include subunits: SearchBase: ou=testOU_1, ou=TestUsers, ou=Infopulse;
  2. If you need to search in TestUsers and all subunits, use the recursive-search sign “(*)”. SearchBase: ou=TestUsers, ou=Infopulse(*);
  3. If you need to search in the OU testOU_1_1 and all its subunits, and also in testOU_2 without subunits: SearchBase: ou=testOU_1_1, ou=testOU_1, ou=TestUsers, ou=Infopulse(*); ou=testOU_2, ou=TestUsers, ou=Infopulse;

Note: The order of organizational units must be specified from bottom to top.
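
The SearchBase syntax above can be checked before a master configuration file is saved or reviewed. The following is an added example, not code from Buypass Access Manager: it parses a SearchBase value and lists, per entry, whether the search stays in the named OU or reaches all subunits. The function names and the accepted shape of a single component are assumptions.

```python
import re
from dataclasses import dataclass

RECURSIVE_MARK = "(*)"  # recursive-search sign described on the page
# Assumed shape of one component such as "ou=TestUsers"
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^=,;()*]+$")


@dataclass(frozen=True)
class SearchBase:
    components: tuple  # in the order written: bottom (most specific) to top
    recursive: bool    # True when the entry ends with "(*)"


def parse_search_bases(value):
    """Split a SearchBase setting into entries; raise ValueError if malformed."""
    entries = []
    for raw in value.split(";"):
        item = raw.strip()
        if not item:  # tolerate the trailing ';' used in the page's examples
            continue
        recursive = item.endswith(RECURSIVE_MARK)
        if recursive:
            item = item[: -len(RECURSIVE_MARK)].rstrip()
        parts = tuple(p.strip() for p in item.split(","))
        for p in parts:
            if not RDN.match(p):  # also catches "(*)" placed mid-entry
                raise ValueError(f"bad component {p!r} in {raw.strip()!r}")
        entries.append(SearchBase(parts, recursive))
    if not entries:
        raise ValueError("SearchBase is empty")
    return entries


def review(value):
    """One line per entry: which OU it names and how far the search reaches."""
    lines = []
    for e in parse_search_bases(value):
        scope = "this OU and all subunits" if e.recursive else "this OU only"
        parents = " / ".join(e.components[1:]) or "(top level)"
        lines.append(f"{e.components[0]} under {parents}: {scope}")
    return lines


# Example 3 from the page
SAMPLE = ("ou=testOU_1_1, ou=testOU_1, ou=TestUsers, ou=Infopulse(*); "
          "ou=testOU_2, ou=TestUsers, ou=Infopulse;")

if __name__ == "__main__":
    print("\n".join(review(SAMPLE)))
```

Entries reported as reaching all subunits cover every User below that OU, so they are the ones to compare against the intended set of certificate holders.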


Active directory - employee mappings

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Update button | Gets list of available mapping fields from AD |
| #2 | First name | First name should consist of first and middle name. |
| #3 | Last name | Last name should consist of last name only. |
| #4 | Email | Official email of User in the organization. |
| #5 | SSN in AD mapping** | 11-digit number consisting of date of birth (6 digits in the format ddmmyy) and social security number (5 digits). Available forms: (1) direct mapping of full SSN: “AdField”; (2) full SSN in two fields: “AdBirthdate{ddMMyyyy};Ssn2Field”; (3) partly, only birthdate: “AdBirthdate{ddMMyyyy}”; (4) none. Note: Date format is case sensitive. Additional information about date and time formats can be found on Microsoft's pages. |
| #6 | Issuer Key mapping** | AD field to be used as IssuerKey. Should be unique per organization. In Mixed mode, UserName is transferred to Buypass and used as the lookup key on search. Must not be changed without notifying Buypass. |

** Any AD mapping field can use any AD attribute listed in the AD Attributes List. Use the «LDAP-Display-Name» of the selected AD attribute.
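
The forms of the "SSN in AD mapping" setting, and the note that the date format is case sensitive, can be checked mechanically. The following is an added example, not code from Buypass Access Manager: it classifies a mapping string into one of the documented forms and flags date formats that use lower-case "m", which in .NET custom date formats means minutes rather than month. The function names are hypothetical, and treating an empty value as the "None" form is an assumption.

```python
import re

# "<AD attribute>{<date format>}", as in the page's AdBirthdate{ddMMyyyy}
DATE_FIELD = re.compile(r"^[A-Za-z][A-Za-z0-9-]*\{(?P<fmt>[^{}]+)\}$")
# A bare AD attribute name (LDAP-Display-Name), as in the page's AdField
PLAIN_FIELD = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")


def check_date_format(fmt):
    """Problems in a .NET custom date format meant to describe a birthdate."""
    problems = []
    if "m" in fmt:
        problems.append("'m' is minutes in .NET date formats; month is 'M'")
    for spec, name in (("d", "day"), ("M", "month"), ("y", "year")):
        if spec not in fmt:
            problems.append(f"no {name} specifier ('{spec}') in format")
    return problems


def classify_ssn_mapping(value):
    """Return (form, problems) for an 'SSN in AD mapping' setting."""
    value = (value or "").strip()
    if not value:  # assumption: the "None" form is an empty value
        return "none", []
    parts = [p.strip() for p in value.split(";")]
    if len(parts) == 1 and PLAIN_FIELD.match(parts[0]):
        return "direct", []
    first = DATE_FIELD.match(parts[0])
    if first and len(parts) == 1:
        return "birthdate-only", check_date_format(first["fmt"])
    if first and len(parts) == 2 and PLAIN_FIELD.match(parts[1]):
        return "two-fields", check_date_format(first["fmt"])
    return "invalid", [f"not one of the documented forms: {value!r}"]


if __name__ == "__main__":
    # Constructed sample values; the attribute names are the page's placeholders
    for sample in ("AdField", "AdBirthdate{ddMMyyyy};Ssn2Field",
                   "AdBirthdate{ddmmyyyy}", ""):
        print(repr(sample), "->", classify_ssn_mapping(sample))
```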

 

Active directory - group mappings

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Update button | Gets list of available groups from AD |
| #2 | Local certificate group | Users belonging to Local certificate group will have local certificate issued (LC). |
| #3 | Operator group | Users belonging to Operator group will have enrollment agent certificate issued (EA). |
| #4 | Administrator group | Users belonging to Administrator group will have enrollment agent certificate issued (EA). |
| #5 | Qualified certificate group | Users belonging to Qualified certificate group will have a pair of qualified certificates issued (QC). |

 

Certificate Authority - CA

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Configuration | Defines the common name of the CA configuration. Example: ca.testlab.local\Testlab CA |
| #2 | Domain name | Defines the domain name. |
| #3 | UpnPostfix | Defines the FQDN for the domain. Example: testlab.local |
| #4 | Update button | Gets certificate templates |
| #5 | Logon template | |
| #6 | Temporary template | |
| #7 | Enrollment agent template | |
| #8 | Test CA button | Ensures CA is accessible |

 

Reports

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Path to reports output directory | File area for storage of reports. |
| #2 | Test button | Pressing the TEST button generates a file, stores it and then deletes it. |

 

Document Registry

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Local document registry path | File area for storage of PDF documents generated when LRA functions are run. |
| #2 | Test button | Pressing the TEST button generates a file, stores it and then deletes it. |

 

Remote functions

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Remote functions enabling checkbox | If the organization uses remote functions, having Users at remote locations, this checkbox must be ticked. It gives access to the Remote functions menu: if checked, the remote functions menu appears in LRA. |
| #2 | Auto check request count | If the number of remote certificate requests should be counted and shown in the Main menu, this checkbox must be ticked. |
| #3 | Path to requests | File area for storage of remote certificate requests. |
| #4 | Path to responses | File area for storage of the generated certificates that act as responses to remote requests. |
| #5 | Requests pooling interval | Defines the polling interval in milliseconds. Default value is 2000. |
| #6 | Max number of attempts | Defines the maximum number of times the LRA client retries access to the remote area. Default value is 30. |
| #7 | Test button | Pressing the TEST button generates a file, stores it and then deletes it. |

 

Buypass mapping

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Merchant ID | Merchant ID connected to the organization. Will be provided by Buypass. |
| #2 | Timeout | Maximum time to wait for a response from LTS |
| #3 | Endpoint address | Address for PROD: https://www.buypass.no/weblts/p1 and address for TEST: https://www.test4.buypass.no/weblts/p1 |
| #4 | Merchant certificate serial number | Serial number of the merchant certificate installed in the certstore. The certificate should be installed as described in the LRA Client readme file. |
| #5 | Use SSN as IssuerKey | Possibility to register a UserName other than SSN in BUYPASS MODE. If IssuersKey=SSN=TRUE, the UserName field will be disabled in the Preregistration GUI; filling in SSN should not, as it does today, duplicate into the UserName field, and the UserName field should be kept disabled because duplicating will confuse more than make sense. If IssuersKey=SSN=FALSE, the UserName field must be enabled and the Operator must enter a value in this field in addition to the SSN. |
| #6 | Test LTS connection button | Signs a request and sends it to LTS to get an OK response |

 

Issue process

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Agreement sign required | If the User should accept the agreement on first-time issuance of local certificates, this checkbox must be ticked. NOTE: For first-time issuance of qualified certificates the User must always accept the agreement. |
| #2 | User scan and document scan required | If the User should sign and get his ID document scanned on first-time issuance of local certificates, this checkbox must be ticked. NOTE: For first-time issuance of qualified certificates the User must always sign and get his ID document scanned. |
| #3 | Document scan required on replace | If the User should get his ID document scanned on issuance of replacements of both local and qualified certificates, this checkbox must be ticked. |
| #4 | Third party identification enabled | If the organization allows third-party identification in cases where the User has forgotten his own ID document, this checkbox must be ticked. Third-party identification means that another colleague in the organization uses his smartcard to verify the User's identity. |
| #5 | Timeout | Third party card waiting timeout |

 

Test all tabs for master config

| Id | Description | Comments |
| --- | --- | --- |
| #1 | Test all button | Tests all backends/devices with current settings and shows aggregated results. |
| #2 | Test result area | - |

 

 


Buypass 2014 ©
