diff --git a/conf/uts-server.cnf b/conf/uts-server.cnf
index 677f2ac..4127140 100644
--- a/conf/uts-server.cnf
+++ b/conf/uts-server.cnf
@@ -93,7 +93,7 @@ default_tsa = tsa_config1 # the default TSA section
 # These are used by the TSA reply generation only.
 dir = ./demoCA # TSA root directory
-serial = $dir/tsaserial # The current serial number (mandatory)
+serial = ./tsaserial # The current serial number (mandatory)
 crypto_device = builtin # OpenSSL engine to use for signing
 signer_cert = $dir/tsacert.pem # The TSA signing certificate
 # (optional)
diff --git a/inc/context.h b/inc/context.h
index 6042c06..25a9aac 100644
--- a/inc/context.h
+++ b/inc/context.h
@@ -20,6 +20,7 @@ typedef struct {
 TS_RESP_CTX *resp_ctx;
 int loglevel;
 const char *http_options[40];
+ TS_RESP_CTX *ts_ctx;
 } rfc3161_context;
 struct rfc3161_option {
diff --git a/inc/rfc3161.h b/inc/rfc3161.h
index 8edba50..d66e7ed 100644
--- a/inc/rfc3161.h
+++ b/inc/rfc3161.h
@@ -14,6 +14,11 @@
 /* Name of config entry that defines the OID file. */
 #define ENV_OID_FILE "oid_file"
+#define B_FORMAT_TEXT 0x8000
+#define FORMAT_UNDEF 0
+#define FORMAT_TEXT (1 | B_FORMAT_TEXT) /* Generic text */
+#define FORMAT_ASN1 4 /* ASN.1/DER */
 static ASN1_OBJECT *txt2obj(const char *oid);
 /* Reply related functions. */
@@ -30,9 +35,4 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
 static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data);
 static ASN1_INTEGER *next_serial(const char *serialfile);
 static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
-
-
-#define B_FORMAT_TEXT 0x8000
-#define FORMAT_UNDEF 0
-#define FORMAT_TEXT (1 | B_FORMAT_TEXT) /* Generic text */
-#define FORMAT_ASN1 4 /* ASN.1/DER */
+TS_RESP_CTX *create_tsctx(CONF *conf, const char *section, const char *policy);
diff --git a/inc/utils.h b/inc/utils.h
index 3b00f8f..cda05d9 100644
--- a/inc/utils.h
+++ b/inc/utils.h
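Review bot: The new `serial = ./tsaserial` resolves against the process's current working directory instead of the TSA directory, so which serial file the server reads and increments depends on where the daemon is launched from; a daemon that changes directory on startup, or two instances started from different directories, would use different (or fresh) serial files and could issue time-stamp tokens with repeated serial numbers, which RFC 3161 requires to be unique per TSA. Keep it anchored, `serial = $dir/tsaserial`, or use an absolute path. If the intent was to keep the writable file out of a read-only `$dir`, a comment on the line saying so would spare the next reader the same question.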
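Review bot: The struct now carries two `TS_RESP_CTX *` fields, the existing `resp_ctx` and the added `ts_ctx`, with nothing saying how they differ or who owns and frees each; the set_params hunk in this commit fills `ts_ctx`, and `resp_ctx` is not touched here. Either reuse `resp_ctx` or document the new field, e.g. `/* TSA response context built from the config by create_tsctx(); the owner of this struct must TS_RESP_CTX_free() it */`. The enclosing typedef begins before the hunk.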
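Review bot: The new `create_tsctx` prototype is the only non-static declaration in this header and carries no contract, while the header otherwise declares `static` functions (`txt2obj`, `serial_cb`, `next_serial`, `save_ts_serial`) that only make sense in the one file defining them. Add a comment above the prototype such as `/* Builds a TS_RESP_CTX from the TSA config section (policy may be NULL for the configured default); returns NULL on failure; caller releases with TS_RESP_CTX_free(). */`, and consider keeping the public prototype and the FORMAT_* macros in a header that other translation units can include without inheriting the static prototypes. Whether the `policy` NULL case is really a default is inferred from OpenSSL's TS_CONF API, not visible here.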
@@ -1,4 +1,5 @@
 #include "context.h"
+#include "rfc3161.h"
 void skeleton_daemon();
 void logger(rfc3161_context *ct, int priority, char *fmt, ...);
diff --git a/src/lib/http.c b/src/lib/http.c
index 0b6b4b3..8123b49 100644
--- a/src/lib/http.c
+++ b/src/lib/http.c
@@ -107,7 +107,8 @@ int http_server_start(char *conffile, bool stdout_dbg) {
 rfc3161_context *ct = (rfc3161_context *)calloc(1, sizeof(rfc3161_context));
 ct->stdout_dbg = stdout_dbg;
 ct->loglevel = 8;
- set_params(ct, conffile);
+ if (!set_params(ct, conffile))
+ return 1;
 // Prepare callbacks structure. We have only one callback, the rest are
 // NULL.
diff --git a/src/lib/rfc3161.c b/src/lib/rfc3161.c
index 42afdb7..4304544 100644
--- a/src/lib/rfc3161.c
+++ b/src/lib/rfc3161.c
@@ -12,7 +12,6 @@
 #include
 #include
 #include
-#include "utils.h"
 #include
 #include
 #include
@@ -20,6 +19,7 @@
 #include
 #include
 #include
+#include "rfc3161.h"
 /* Name of config entry that defines the OID file. */
 #define ENV_OID_FILE "oid_file"
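Review bot: Including rfc3161.h from utils.h drags that header's `static` prototypes (`txt2obj`, `serial_cb`, `next_serial`, `save_ts_serial`, per the rfc3161.h hunk) into every translation unit that includes utils.h, where they are declared but never defined; compilers warn about this under -Wall and it signals that the header mixes a private and a public interface. Since utils.c only needs `create_tsctx` (and, per its own hunk, the FORMAT_* macros), a forward declaration here, `TS_RESP_CTX *create_tsctx(CONF *conf, const char *section, const char *policy);`, or a separate public header would avoid the leak. This commit also stops rfc3161.c including utils.h, so if rfc3161.c still calls `logger()` it now lacks a prototype; that file's body is not visible here, so worth a compile with -Wimplicit-function-declaration.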
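Review bot: The new early `return 1` leaves `ct`, allocated by `calloc` three lines above, unfreed, together with anything set_params has already attached to it (the `http_options` entries it fills and, per the set_params hunk, the `ts_ctx` it now creates); if http_server_start can be invoked more than once per process this accumulates. Release it before returning, `if (!set_params(ct, conffile)) { free(ct); return 1; }`, preferably via a small helper that also calls `TS_RESP_CTX_free(ct->ts_ctx)` when non-NULL. The `calloc` result is still dereferenced unchecked on the next line. The rest of http_server_start lies outside the hunk.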
@@ -198,6 +198,53 @@ end:
 return resp;
 }
+TS_RESP_CTX *create_tsctx(CONF *conf, const char *section, const char *policy) {
+ int ret = 0;
+ TS_RESP_CTX *resp_ctx = NULL;
+ if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL)
+ goto end;
+ if ((resp_ctx = TS_RESP_CTX_new()) == NULL)
+ goto end;
+ if (!TS_CONF_set_serial(conf, section, NULL, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_crypto_device(conf, section, NULL))
+ goto end;
+ if (!TS_CONF_set_signer_cert(conf, section, NULL, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_certs(conf, section, NULL, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_signer_key(conf, section, NULL, NULL, resp_ctx))
+ goto end;
+
+ // if (md) {
+ // if (!TS_RESP_CTX_set_signer_digest(resp_ctx, md))
+ // goto end;
+ // } else if (!TS_CONF_set_signer_digest(conf, section, NULL, resp_ctx)) {
+ // goto end;
+ // }
+
+ if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_policies(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_digests(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_accuracy(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_ordering(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_tsa_name(conf, section, resp_ctx))
+ goto end;
+ if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx))
+ goto end;
+ ret = 1;
+
+end:
+ return resp_ctx;
+}
+
 static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
 char *query, char *passin, char *inkey,
 const EVP_MD *md, char *signer, char *chain,
diff --git a/src/lib/utils.c b/src/lib/utils.c
index 3a6c4f6..d52a8aa 100644
--- a/src/lib/utils.c
+++ b/src/lib/utils.c
@@ -9,10 +9,8 @@
 #include
 #include
 #include
-#include "context.h"
 #include
-
-#define FORMAT_TEXT 1
+#include "utils.h"
 typedef struct _code {
 char *c_name;
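Review bot: `ret` is assigned but never consulted, so when any `TS_CONF_set_*` call after `TS_RESP_CTX_new()` fails the function jumps to `end:` and still returns the non-NULL, half-configured `resp_ctx`; the caller in set_params only tests for NULL, so a missing signer key or certificate, an unusable serial file or a bad policy list passes startup and only surfaces when the first request is signed. Free and null the context on the failure path before `return resp_ctx;`: `if (!ret && resp_ctx) { TS_RESP_CTX_free(resp_ctx); resp_ctx = NULL; }`. Nothing drains the OpenSSL error queue here either, so the reason for a failure is lost; logging it (ERR_print_errors_fp or the project's logger) before returning would make misconfiguration diagnosable. With the signer-digest block commented out, a `signer_digest` key in the config is silently ignored and the signing digest is whatever this OpenSSL build defaults to; if that is deliberate, say so in a one-line comment rather than leaving dead code.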
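Review bot: Dropping the local `#define FORMAT_TEXT 1` and including utils.h, which now pulls in rfc3161.h, changes the value of `FORMAT_TEXT` seen by utils.c from `1` to `(1 | B_FORMAT_TEXT)`, i.e. 0x8001; any comparison or call in utils.c that uses that constant (not visible in this hunk) now behaves differently. If utils.c only passes it to code that tests `format & B_FORMAT_TEXT` this is a fix, but an equality test against `1` becomes a silent regression, so the uses are worth checking. Either way a short comment at the include, `/* FORMAT_* constants now come from rfc3161.h */`, would record why the local define went away.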
@@ -239,7 +237,10 @@ int set_params(rfc3161_context *ct, char *conf_file) {
 }
 ct->http_options[http_counter] = NULL;
 }
- // device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE);
+
+ ct->ts_ctx = create_tsctx(conf, "tsa", NULL);
+ if (ct->ts_ctx == NULL)
+ ret = 0;
 return ret;
 end:
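Review bot: `create_tsctx(conf, "tsa", NULL)` hands the literal section name `tsa` to the config loader, which then looks for `serial`, `signer_cert` and the other keys inside `[tsa]` itself; in the shipped config (the cnf hunk's context shows `default_tsa = tsa_config1`) those keys live in the section named by `default_tsa`, so the lookups would fail unless this project's `[tsa]` section departs from the OpenSSL layout. Passing `NULL` lets `TS_CONF_get_tsa_section()` honour `default_tsa`: `ct->ts_ctx = create_tsctx(conf, NULL, NULL);`. Note also that `ret = 0` falls through to `return ret` without releasing anything, and nothing here frees a `ct->ts_ctx` that may already be set; a comment on the assignment stating who calls `TS_RESP_CTX_free()` would fix the ownership question. The `end:` cleanup path is outside the hunk.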