Skip to main content
Skip table of contents

Launch Certificate Manager clients

The Smart ID Certificate Manager (CM) clients, with the exception of the CM SDK, have several features in common. They are installed in the same directory, they all listen to the same port etc. Also, a common method is used when starting the CM clients Administrator's workbench (AWB)Registration Authority (RA) in Certificate ManagerCertificate Controller (CC) in Certificate Manager and Secure Printer (SP) in Certificate Manager. They are all started by a program named launch.exe.

The launching technique described in this article applies to the clients running on Windows. Use the appropriate shell script available in <install_root>/bin to start a client on Linux.


Configure how CM clients are started
Command switches

You use command switches to control the options with which a particular client is started. These command switches can be customized in a configuration file named launch.ini. When initiated, launch.exe reads launch.ini from the same folder in order to interpret the switches given by the start command.

Shortcut icon

You can create a shortcut icon with properties to, for example, start an instance of the Certificate Controller (CC) which can only be used for certificate revocation. It is not only convenient to use shortcut icons to start the CM clients, it is also much more effective from a resource point of view, as all clients started via launch.exe are using the same JRE.

Examples of the start command

Start the Certificate Controller (CC) without any options

  • Enter the start command:

    Example: Start the CC without any options

    CODE
    launch.exe -CC

    where CC has the following default definition in launch.ini:

    CODE
    CC=com.id2tech.cm.rc.Rrc

Start the Certificate Controller (CC) with revocation possibilities only

  • Enter the start command:

    Example: Start the CC with revocation possibilities only

    CODE
    launch.exe -CCREVOKE

    where CCREVOKE has the following definition in launch.ini:

    CODE
    CCREVOKE=/action nkcs com.id2tech.cm.rc.Rrc

Switch definitions

n=No action

h=Hold

r=Reinstate

a=Revoke - Affiliation changed

k=Revoke - Key compromised

c=Revoke - Cessation of Operation

s=Revoke - Superseded

w=Revoke - PrivilegeWithdrawn

u=No Reason Code

p=Publish

q=Hide the set, delete and keep current buttons in the "publish with revocation password" dialog.

The command switches can be configured to prevent the display of certain revocation reasons in some instances of CC clients.

Specify JRE

You can control which JRE that will run the application.

Option 1:

  • Edit the COMMAND line in launch.ini, and enter the full path to a javaw executable.

Option 2:

  • Use an environment variable named CM_CLIENT_JAVA: 
    Specify this variable in the same way JAVA_HOME is usually specified, for example, the home folder of the JRE installation, such as C:\Program Files (x86)\Java\my_jre\. If there is an absolute path already specified in COMMAND, the environment variable will not be read.
Change default configuration path

All configuration files for CM clients (expect from the launch.ini for Windows platforms) are installed in the configuration files folder that you selected during installation. After the installation, you can change, and manually move, the configuration files to any other path. After moving the files the following changes are required:

Windows platform

  • Edit launch.ini and set the new configuration path:

    CODE
    ;Client configuration directory
    CONFIGURATION=<new_configuration_path>

Linux platform

  • Edit each executable start script under <install_root>/bin/ and set the new configuration path after the -configuration parameter in the script's last line.
Recommendations

The installation is made with the default memory heap size of the JRE. If problems with memory usage is encountered, you can increase the heap size.

To do this, alter the COMMAND key in launch.ini.

Related information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.