Use Nexus Timestamp Server test client
This article includes updates for Nexus Timestamp Server 2.3.0.
Nexus Timestamp Server includes a simple test client that can be installed with the server and be used for sending requests. It is located in the installation directory.
Mandatory parameters in a request are url and either data or tsq.
To get help, enter tsp --help
and you receive this information:
Command | Description |
---|---|
--url http://timestamp.nexusgroup.com | The full URL to the TSA service. |
--data <filename> | A file that shall be timestamped. |
--tsq <filename> | An existing timestamp request in binary format (DER) to send. |
--outrq <filename> | Save the timestamp request in binary format (DER). |
--out <filename> | Save the timestamp response generated by the TSA (DER). |
--alg sha-1|sha-256|sha-512 | Digest Algorithm must be set if -data is used. |
--cert | Certificate will be included in response (optional). The response will be verified if this parameter is set. |
--nonce | Nonce set in request (optional). |
--policy oid-policy | Policy used to generate a timestamp response (optional). |
--keys filename:pin | The path and file name (optional, but needed for client ssl). |
--trust filename:pin | The path and file name (optional, but needed for ssl). A directory containing trusted certificates may be specified instead of a file. |
--password | Password to open key store (optional, but needed for client ssl). |
--isAuthcode | true | false - Sets the flag for Authenticode request. |
Here are some examples of timestamp requests:
Example 1: Request without TLS
tsp --url http://localhost:8879/sample/tsa --tsq timestamp.tsq
Example 2: Request without TLS
tsp --url http://localhost:8879/sample/tsa --data timestamp.txt --alg SHA-256 --cert
Example 3: Request with TLS
tsp --url https://localhost:8843/sample/tsa --tsq timestamp.tsq --trust certs/ --keys keys/sslClient.p12:1234 --password 1234 --cert
Example 4: Request with TLS with client authentication
tsp --url https://localhost:8886/sample2/tsa --data timestamp.txt --alg SHA-256 --trust certs/ --keys keys/sslClient.p12:1234 --password 1234
Example 5: Authenticode Request
This example will not apply the signature on the file.
tsp --url https://localhost:8879/authenticodesample/tsa --data timestamp.ps1 --isAuthcode true --alg SHA-256
External timestamp client
To create a timestamp request:
Send the timestamp request to the timestamp service.
Verify the response. For example, you can use one of these tools:
OpenSSL
cURL