Configuring Direct and Adding Anchors, Trust Bundles and Trust Stores With the System Administration Module

Owned by Tran Tang
Last updated: Jul 15, 2019
4 min read

Version History

Version
Date
Author
Description
0.1 09/13/2016 Daniel Fernandez Initial Draft

Overview

The System Administration Module (SAM) provides a graphical user interface (GUI) to simplify the configuration of Direct for an HISP.  The Direct Configuration is accessible in the GUI on the left navigation panel.  It is split into four views: Domains, Agent Settings, Certificates, and Trust Bundles.


Adding A Domain

Users will be able to add a new domain to HISP.

  1. Go to Domains tab and select Create New Domain button.
  2. Enter the Domain Name and Postmaster E-mail Address.  Click Submit to see the new domain under the Domain list.

Adding An Address

  1. Go to Domains tab.  Select one of the existing domains under Domain List and click Edit Domain.
  2. Click on the Address tab.  All stored addresses will show.  You should see the section for Add Another Address.  
  3. Enter the address name and address email under Add Another Address.  Click Add Address.  The new address will be listed under Stored Addresses.
  4. To remove an address, select the radio button next to the name of the address and click Delete.

Adding An Anchor

  1. Go to Domains tab.  Select one of the existing domains under Domain List and click Edit Domain.
  2. Click on the Anchors tab.  All stored anchors will show.  You should see the section for Add Another Anchor. 
  3. Click on the Choose button next to Choose Anchor Certificate to select the certificate.  Click on Upload.  Make sure that Incoming and Outgoing checkboxes are checked and the Status shows Enabled.  Click on Add Anchor.
  4. Verify the new anchor was successfully uploaded by reviewing it below Stored Anchors.
  5. To remove the anchor, select the radio button next to the anchor and click the Delete button.

Adding Trust Bundles to Domain

  1. Go to Domains tab.  Select one of the existing domains under Domain List and click  Edit Domain.
  2. Click on the Trust Bundles.  All assigned trust bundles will show.  You should see the section for Add Another Trust Bundle. 
  3. Under Add Another Trust Bundle, select the dropdown next to Add Trust Bundles to view the available trust bundles.  Note: To create a trust bundle, please view the Adding a Trust Bundle instructions further down this page.
  4. Click on the checkbox next to the name of the trust bundle you would like to add.  The Incoming and Outgoing checkboxes should be checked.  Click on Add Trust Bundle button.
  5. Verify the trust bundle was added to the domain by looking at the list of Assigned Trust Bundles.  
  6. To remove the trust bundle, select the radio button next to the bundle's name and click the Delete button.

Adding Agent Settings

  1. Navigate to Agent Settings tab.  See list of current agent settings.
  2. Click Add New Agent Setting.  Enter Key and Value for the new setting.
  3. Return to Agent Settings page and see the new setting added to the lsit.


Window in Direct ConfigurationDescription
Domains

Lists all the domains in your Direct configuration that will be managed by the HISP/STA. Users are able to add, edit, and delete domains in the system. Select any domain under Domains tab and click Edit. The options to edit Addresses, Anchors, and Trust Bundles are available.

Agent SettingsLists the Agent settings.  Consists of setting the run-time parameters for security and trust agent. As part of CONNECT 4.4, configuration of SMTP Agent Settings are no longer supported through the smtp.agent.config.xml configuration file. All the Config agent settings are stored in the ConfigDB database and are configured through the SAM. These are currently not utilized in processing or any other function but may be utilized in the future.
CertificatesLists all the certificates in the direct configuration.  Users are able to upload new certificates and delete existing ones.  They must have a DER encoded file available that represents the private or public certificate.
Trust BundlesPlease see the Direct Trust Bundles description below

Direct Trust Bundles

Expand Direct Configuration Side bar menu item in the left navigation panel, click on Trust Bundles (or) click on Trust bundles tab from Direct Configuration window.

View Trust Bundles

Click on the Trust Bundles tab to see the list of bundles.  User will be able to to Delete, Edit, and Add trust bundles.

Add New Trust BundleClick on Add  New Trust Bundles in the Trust Bundle tab.  User should be able to add a Trust Bundle URL, upload a signing certificate, and add refresh interval hours.  
View AnchorsTo view the available anchors for the trust bundle.

Adding a Trust Bundle

  1. Click on "Add New Trust Bundles" button in the Trust Bundles tab.
  2. Enter the Name, Trust Bundle URL, and Refresh interval.  
  3. Next to "Signing Certificate" click the Choose button to find and select a valid certificate.  Click Upload.  When the upload is finished, click Submit.  You should see the new trust bundle in the page.

All trust bundles existing in the system should be available to be added to the domains. If there are no trust bundles, the user will not be able to add a trust bundle to a domain.