Configure SafeNet Agent for TVP
Configuring Transport Layer Security
To configure TLS 1.2/1.3 support on the SafeNet Agent for TVP v3.1.0, set the registry settings as follows:
> HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client DisabledByDefault => 0x0
> HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client DisabledByDefault => 0x0
The agent will always connect with the highest enabled protocol.
Defining Main and Backup Servers
After the agent is installed, the paths to the main SafeNet server and the backup SafeNet server can be changed, if required.
- Define the main SafeNet server: Enter the path to the main SafeNet server in the following Registry key:
  HKEY_LOCAL_MACHINE\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy\PrimaryServiceURL
- Define the backup SafeNet server: Enter the path to the backup SafeNet server in the following Registry key:
  HKEY_LOCAL_MACHINE\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy\OptionalSecondaryServiceURL
- Setting time interval (to check if main SafeNet server is operational): Following failover to the backup SafeNet server, the SafeNet Agent for TVP will check if the SafeNet main server is running.
  The interval (in minutes) between checks is set in the following registry key (default value: 10 minutes):
  HKEY_LOCAL_MACHINE\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy\PrimaryFailureIntervalMinutes
Configuring Logs
The logging level is set in the Windows registry. Other related settings are changed in the configuration file located at:
C:\Program files\Thales\TokenValidatorProxy\TokenValidator\Log4Net.config
Logging level
Default: 3
To change the level, set the LogLevel registry key to the required level:
HKEY_LOCAL_MACHINE\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy\LogLevel
The following levels are available:
1 Fatal – Severe error events that are likely to cause the application to abort.
2 Error – Error events that might still allow the application to continue running.
3 Warn – Potentially harmful situations.
4 Info – Informative messages that provide a high-level view of the progress of the application.
5 Debug – Detailed informational events that are useful when debugging an application.
Name and location of log file
Default: Logs\TVP.log
To change the path or name of the log file:
- Open the configuration file (Log4Net.config) in a text editor.
- Change the path or file name using the following format:
  <file value="..\logs\TVP.Log" />
If you change the path, the new location must be accessible to all users. Also, writing to the Log folder requires Network Service permissions.
Maximum file size
Default: 15 MB
To determine the maximum file size:
- Open the configuration file (Log4Net.config) in a text editor.
- Set MaximumFileSize to the required size, using the following format:
  <MaximumFileSize value="15MB" />
Number of rollover log files
Default: 10
A specified number of log files are saved, with the oldest file being overwritten when a new file is generated.
To change the number of rollover log file copies:
- Open the configuration file (Log4Net.config) in a text editor.
- Set MaximumSizeRollBackups to the required number using the following format:
  <MaximumSizeRollBackups value="10" />
Activating Certificate Check
To activate the Certificate Check, set the Registry key DisableCertificateCheck to 0, at the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy\DisableCertificateCheck
To disable the Certificate Check, set the Registry key DisableCertificateCheck to 1.
Default: 0
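The following read-only PowerShell check is an added example, not part of the vendor documentation. It reads the registry locations named on this page and reports any TLS or Certificate Check setting that differs from the values given here. It assumes each setting is stored as a named value under the TokenValidatorProxy key, and the helper name Get-RegValue is hypothetical.

```powershell
# Added example: read-only audit of the settings described on this page.
# Assumption: each setting is a named value under the TokenValidatorProxy key.
$tvpKey   = 'HKLM:\SOFTWARE\CRYPTOCard\BlackShield ID\TokenValidatorProxy'
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

# Hypothetical helper: returns $null when the key or the value is absent.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

$findings = @()

# TLS client protocols: this page sets DisabledByDefault to 0x0 for both.
foreach ($proto in 'TLS 1.2', 'TLS 1.3') {
    $value = Get-RegValue -Path "$schannel\$proto\Client" -Name 'DisabledByDefault'
    if ($null -eq $value) {
        $findings += "$proto Client: DisabledByDefault is not set"
    } elseif ("$value" -ne '0') {
        $findings += "$proto Client: DisabledByDefault is $value, expected 0"
    }
}

# Certificate Check: 0 (the default) is active, 1 is disabled.
# Compared as text because the page does not state the value type.
$certCheck = Get-RegValue -Path $tvpKey -Name 'DisableCertificateCheck'
if ($null -ne $certCheck -and "$certCheck" -ne '0') {
    $findings += "DisableCertificateCheck is $certCheck (Certificate Check is disabled)"
}

# Show the remaining settings so a reviewer can compare them with the intended values.
foreach ($name in 'PrimaryServiceURL', 'OptionalSecondaryServiceURL',
                  'PrimaryFailureIntervalMinutes', 'LogLevel') {
    $value = Get-RegValue -Path $tvpKey -Name $name
    if ($null -eq $value) { $value = '(not set)' }
    Write-Output ("{0,-32} {1}" -f $name, $value)
}

if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
    exit 1
}
Write-Output 'TLS and Certificate Check settings match the values on this page.'
```

Run it as a script file from an elevated PowerShell session on the agent host; a non-zero exit code means at least one setting differs from this page.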
Configuring Proxy Server
To set a proxy server, add the following to the web.config file, located at the following location:
C:\Program Files\Thales\TokenValidatorProxy\TokenValidator\web.config
Insert in the section <configuration>…</configuration>:
<system.net>
  <defaultProxy>
    <proxy proxyaddress="http://myproxyaddress:port"/>
  </defaultProxy>
  <settings>
    <servicePointManager expect100Continue="false"/>
  </settings>
</system.net>
where:
http://myproxyaddress:port is the address and port of the proxy.