Procedure: How to Signing a Process Flow Before Distribution to a Run-time Server
As a simple example, let's consider a case where the process flow is signed before the vendor distributes it to the customer. To test this case use 2 different iWay 6.0.1 servers for testing, say iWay Server A and iWay Server B.
-
Turn policy
on for signing process flows on the iWay server A.
The command is: Set policy signpflow true
To turn policy on for signing process flows inside a specific configuration, for example, base, the command is Set policy base/signpflow true
-
Create a
simple process flow on the server B, say move which consists
of a MoveAgent as shown in the following image.
-
Sign the
process flows before distribution on the server B.
Tool signtree -s SecurityTest.xml
Where SecurityTest.xml is the processflow to be distributed.
- Verification of the process flow on the iWay server A where it is distributed is done internally provided the policy is set to on as described in step 1. Import the process flow SecurityTest.xml on the run time iWay server A. Let the process flow be "SecurityTest".
- The process flow is successfully imported onto the server A as the signature is set.
- On server A, create a channel containing the process flow SecurityTest inside a route. Build and deploy the channel. Do a test run on the channel to verify move process.