he Security Settings group on the SanteDB configuration tool are used to control the security subsystems in the SanteDB host context.

Core Server Security

The core security panel allows the control of the settings related to core security functions such as the validation of passwords and security policies.

The options which can be configured in the security panel are:

Signing Keys

The signing keys configuration allows you to specify keys that the iCDR server will use for generating digital signatures. Plugins can request specific named keys for signing data, these are:

• default : The default server key used for signing sessions, security data in the database, etc.

• jwskey : The key to use for the JWS pointer service - This data is used to sign data in JWS generated payloads on the server.

Other keys may be used by specific plugins. Additionally, if an external trading partner uses a kid attribute in the JWS header, you can configure the specific kid to X509 or HMAC key.

The options when configuring a key: