Nexus Timestamp Server
Nexus Timestamp Server
Breadcrumbs

Use Nexus Timestamp Server test client

This article includes updates for Nexus Timestamp Server 2.3.0.

Nexus Timestamp Server  includes a simple test client that can be installed with the server and be used for sending requests. It is located in the installation directory.

Mandatory parameters in a request are url and either data or tsq.

To get help, enter tsp --help and you receive this information:

Command

Description

--url http://timestamp.nexusgroup.com

The full URL to the TSA service.

--data <filename>

A file that shall be timestamped.

--tsq <filename>

An existing timestamp request in binary format (DER) to send.

--outrq <filename>

Save the timestamp request in binary format (DER).

--out <filename>

Save the timestamp response generated by the TSA (DER).

--alg sha-1|sha-256|sha-512

Digest Algorithm must be set if -data is used.

--cert 

Certificate will be included in response (optional). The response will be verified if this parameter is set.

--nonce

Nonce set in request (optional).

--policy oid-policy

Policy used to generate a timestamp response (optional).

--keys filename:pin

The path and file name (optional, but needed for client ssl).

--trust filename:pin

The path and file name (optional, but needed for ssl). A directory containing trusted certificates may be specified instead of a file.

--password

Password to open key store (optional, but needed for client ssl).

--isAuthcode

true | false - Sets the flag for Authenticode request.

Here are some examples of timestamp requests:

Example 1: Request without TLS 
tsp --url http://localhost:8879/sample/tsa --tsq timestamp.tsq
Example 2: Request without TLS 
tsp --url http://localhost:8879/sample/tsa --data timestamp.txt --alg SHA-256 --cert
Example 3: Request with TLS 
tsp --url https://localhost:8843/sample/tsa --tsq timestamp.tsq --trust certs/ --keys keys/sslClient.p12:1234 --password 1234 --cert
Example 4: Request with TLS with client authentication 
tsp --url https://localhost:8886/sample2/tsa --data timestamp.txt --alg SHA-256 --trust certs/ --keys keys/sslClient.p12:1234 --password 1234
Example 5: Authenticode Request

This example will not apply the signature on the file.

tsp --url https://localhost:8879/authenticodesample/tsa --data timestamp.ps1 --isAuthcode true --alg SHA-256

External timestamp client

To create a timestamp request:

  1. Send the timestamp request to the timestamp service.

  2. Verify the response. For example, you can use one of these tools:

  • OpenSSL

  • cURL