
SHAREDLIBRARYNAME Utimaco is not referring When I start signserver with docker


I start signserver with docker:

docker run -it --rm --name signserver \
    -p 80:8080 -p 443:8443 \
    -e CRYPTO_SERVER_IP=**** \
    -v /ca-cert.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt \
    signserver:1.0

Now I need to connect SignServer to PKCS11 on the HSM. I have changed signserver-deploy.configuration:

cryptotoken.p11.lib.30.name=Utimaco
cryptotoken.p11.lib.30.file=/opt/utimaco/p11/libcs_pkcs11_R3.so

Then I add a PKCS#11 crypto worker from the template, and I change the configuration:

WORKERGENID1.SHAREDLIBRARYNAME=Utimaco

The PKCS#11 crypto worker status is offline, so I activate it and enter the authentication code, but I get errors:

- Failed to initialize crypto token: SHAREDLIBRARYNAME Utimaco is not referring to a defined value

Could you please help me? Thank you so much!


Solution

  • This is being discussed at the SignServer CE project's GitHub Discussions page where it is being answered that:

    The current SignServer CE container does not support changing configuration in the signserver_deploy.properties.

    A theoretical short-term solution for doing this could be something like this:

    1. Find where the signserver.ear is in the container (probably under the appserver deployments folder, and it might be a folder instead of a ZIP file).
    2. Find the JAR file which has the configuration, likely lib/SignServer-Common.jar
    3. Find the properties file in that JAR file, something like org/signserver/common/.../signservercompile.properties
    4. Change the property in that file and save it back to the ZIP file
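
Steps 2 to 4 above, sketched as an added example (not code from the original answer or from the SignServer project). It assumes the JAR has already been copied out of the container; the sample JAR, its entry path and the helper names are constructed for illustration, and the entry is located by file-name suffix because the answer leaves the real path elided.

```python
import io
import zipfile

# Assumption: file name taken from the answer's "something like" path.
PROPS_SUFFIX = "signservercompile.properties"
# Property values copied from the question.
UTIMACO = {"cryptotoken.p11.lib.30.name": "Utimaco",
           "cryptotoken.p11.lib.30.file": "/opt/utimaco/p11/libcs_pkcs11_R3.so"}

def set_properties(text, updates):
    """Return properties text with each key in `updates` replaced or appended."""
    remaining = dict(updates)
    out = []
    for line in text.splitlines():
        key = line.split("=", 1)[0].strip()
        if not line.lstrip().startswith(("#", "!")) and key in remaining:
            out.append(f"{key}={remaining.pop(key)}")
        else:
            out.append(line)
    out.extend(f"{k}={v}" for k, v in remaining.items())
    return "\n".join(out) + "\n"

def patch_jar(jar_bytes, updates, suffix=PROPS_SUFFIX):
    """Copy a JAR, rewriting the single properties entry that ends with `suffix`."""
    src = zipfile.ZipFile(io.BytesIO(jar_bytes))
    matches = [n for n in src.namelist() if n.endswith(suffix)]
    if len(matches) != 1:  # refuse to guess when the entry is missing or ambiguous
        raise ValueError(f"expected exactly one {suffix} entry, found {matches}")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            data = src.read(info)
            if info.filename == matches[0]:
                text = data.decode("iso-8859-1")  # classic .properties encoding
                data = set_properties(text, updates).encode("iso-8859-1")
            dst.writestr(info, data)  # keeps entry name, timestamp and order
    return buf.getvalue(), matches[0]

def build_sample_jar():
    """Constructed stand-in for SignServer-Common.jar; the entry path is made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        z.writestr("org/signserver/common/sample/signservercompile.properties",
                   "cryptotoken.p11.lib.30.name=Unset\nsample.other.key=unchanged\n")
    return buf.getvalue()

if __name__ == "__main__":
    print("rewrote", patch_jar(build_sample_jar(), UTIMACO)[1])
```

Because the container in the question is started with `--rm`, a change made inside the running container is discarded when it exits, so the patched JAR has to go into a derived image or be mounted in to persist.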