Storage


To store the uploaded PDF documents, Bulksign requires the configuration of a storage path. This path can be both local (example c:\Program Files\Bulksign\Storage) or a network path (\\DSF\BulksignStorage)

Q: What is the protocol used to access files over the network share ?

A : Protocol is SMB. The opened ports required for SMB are 445 and 137-139 (these are used for NetBios/Name resolution).

Important!

If the network share is only accessible to a certain user, Bulksign IIS websites and Bulksign Windows service need also to be changed so they will run under the user which has access to the network share.

Please see this section about how to configure Bulksign for this scenario

Encrypting the stored data on disk

For security reasons, Bulksign also supports encrypting the data at rest (the stored documents on disk). The encryption is done using AES .

Here is how to enable the storage encryption :

    "StorageEncryption" : {
        "Enabled" : "true",
        "StorageEncryptionProvider" : "Bulksign.Integrations.EnvironmentStorageEncryptionProvider, Bulksign.Integrations.dll"
    },

To encrypt the data, a encryption key is needed. To retrieve the encryption key, Bulksign has a provider model which allows the key retrieval from any source. The default provider shipped with Bulksign allows the key to be stored in a environment variable (either the system or the user are supported, we recommand to user a user environemnt variable) . Here is how the configuration looks like :

   "StorageEncryptionProvider.EnvironmentVariable.VariableName" : "BulksignKey",// the name of the environemnt variable which contains the key
   "StorageEncryptionProvider.EnvironmentVariable.Target" : "User",             // allowed values are "Machine" or "User", depending where the environment variable is stored