LogoLogo
  • Introduction
  • Getting Started
  • SenseCrypt Server
    • Starting the server
    • Configuration
    • Licensing and Authorization
    • Using the Swagger Docs page
    • Authorization
    • Using a JWT Token for Mobile Authorization
    • Getting information about your license
    • SenseCrypt eID
      • Generating your first SensePrint eID QR
      • Generating a raw SensePrint
      • Decrypting a raw SensePrint
      • Parsing a SensePrint
    • SenseCrypt Face PKI
      • Configuration
      • Accessing your Root Certificate
      • Generate your first Face Certificate
      • Verifying a Face Certificate
      • Encrypting Data/Keys using a Face Certificate
      • Face Decrypting Data/Keys
      • Face Signing
      • Face Signature Verification
    • Accessing the server for testing
    • Liveness Image Requirements
  • SenseCrypt Mobile SDKs
    • Licensing
    • Authorization for Online SDKs
    • Liveness and Face Capture
    • Android SDK
    • iOS SDK
  • Conclusion
  • FAQ & Search
  • Appendix
    • Privacy Preserving Biometric Verifiability
    • Principles of Privacy Preserving Face Verification
    • Foundational vs Functional eID
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. SenseCrypt Server
  2. SenseCrypt Face PKI

Configuration

How to enable Face PKI features

PreviousSenseCrypt Face PKINextAccessing your Root Certificate

Last updated 8 months ago

Was this helpful?

This section serves as a reminder that for SenseCrypt Face PKI features to work, you must configure the issuers_private_key in your secrets.json file while running the server (please see the section).

If you do not set this, most SenseCrypt Face PKI end-points will return the following error with a 403 status code:

{
  "code": "ERR_ISSUER_PRIVATE_KEY_NOT_SET",
  "message": "The issuer's private key is not set. Please set the issuer's private key before attempting this operation."
}

Assuming you have setup your private key, in the next section we will understand how a third-party can access your Root CA Certificate for Face Certificate verification.

If you want to independently generate a key-pair (without using the installation script), it is described .

Starting the server
here