Options
The Options Settings tab enables administrators to configure general server options for Signotaur, including automatic update checks and PKCS#11 hardware token security settings.
Configuration Options
The following options are available:
Check for Updates: Enable automatic checking for Signotaur updates. When enabled, the server will periodically check for new versions and notify administrators when updates are available.
Show Beta Versions: Display beta/pre-release versions when checking for updates. This option is only visible when Check for Updates is enabled. Enable this if you want to test new features before they are officially released.
Maximum Allowed PKCS#11 PIN Failures: The maximum number of consecutive incorrect PIN attempts allowed before the server locks access to a certificate on a PKCS#11 hardware token (such as a YubiKey or other HSM device). This prevents further PIN attempts via the server that could cause the hardware token itself to lock out.
When this limit is reached, the server will block access to the certificate, protecting the hardware token from being locked due to repeated failed PIN attempts. The hardware token itself is not locked by this setting - only server access to the certificate is blocked.
Set this value to be less than the PIN retry limit configured on your hardware tokens to ensure the server blocks access before the token locks itself. A value of zero means that the server will never lock certificate access due to PIN failures, though the hardware token itself may still enforce its own limits.
The valid range is 0 to 100.
Saving Changes
After configuring the options, click Update to save the changes. A confirmation dialog will appear to confirm the action.
Note that changes to these options take effect immediately.