To preserve the privacy of critical parts of the digital signature (private key and password), this patch allows to configure them externally in the site configuration (i.e., config.php and the like).
Two new configuration parameters are introduced, customcert_signature_private_keys and customcert_signature_passwords. Both are associative arrays with a similar structure. Their values are the value/location of the private keys and the passwords, respectively. Their keys are the context_id of the digital signature element instances. If no such key is found, a wildcard key '*' is looked for (useful, for instance, when the whole site will share the same signing certificate configuration). If none of them is defined, falls back to the previous behaviour (i.e., configured by editing the element in the site administration interface).
To preserve the privacy of critical parts of the digital signature (private key and password), this patch allows to configure them externally in the site configuration (i.e.,
config.php
and the like).Two new configuration parameters are introduced,
customcert_signature_private_keys
andcustomcert_signature_passwords
. Both are associative arrays with a similar structure. Their values are the value/location of the private keys and the passwords, respectively. Their keys are thecontext_id
of the digital signature element instances. If no such key is found, a wildcard key'*'
is looked for (useful, for instance, when the whole site will share the same signing certificate configuration). If none of them is defined, falls back to the previous behaviour (i.e., configured by editing the element in the site administration interface).