The iwdevkit extension includes a utility program for signing and verifying configuration files using XML digital signature. This includes the runtime dictionary and all compiled process flows. When running in an appropriate license, the server will not start if it detects an unsigned or incorrectly signed runtime configuration nor will it execute an unsigned or incorrectly signed process flow.

To run this utility, use the server's tool command.

>tool SignTree [-s|-v] <input file> [<output file>]

If the output file is omitted, the input file is rewritten with an XML signature. Use -s to sign (this is the default) and -v to verify.

Files to be manipulated can be anywhere in the file system. For a given configuration, the dictionary is <iwayhome>/config/<configname>/<configname>.xml.

As a convenience, the xml suffix will be added by the utility if it is omitted. iWay home is the base of the iWay server installation.

Process flows are carried in the configuration's processes subdirectory. They are named <name>_compiled_date.xml, and it is these that must be signed. The _gui and _image files are used for design only, and are not needed at runtime.

The SignTree utility is also available as a Windows OS command shell program. The command file for using this is located in the /doc subdirectory of the iwdevkit extension. This file, signtree.cmd, should be placed into the iWay home directory. The command will only operate if the iwdevkit extension is in the extensions area.

Naturally, the iwdevkit extension should not be distributed to customers.