Signing Files

The Security Developers Tools extension (iwdevkit) includes a utility program for signing and verifying files. To run this utility, use the following server tool command:

>tool SignTree [-s|-v] <input file> [<output file>]

If the output file is omitted, the input file is rewritten with an XML signature. Use –s to sign (this is the default) and –v to verify.

Files that require manipulation can be located anywhere on the file system. For a given configuration, the dictionary is:

<iwayhome>\config\<configname>\<configname>.xml

As a convenience, the .xml suffix will be added by the utility if it is omitted. iWay home is the base of the iWay server installation.

Process flows are carried in the configuration processes subdirectory. They are named <name>_compiled_date.xml, and it is these that must be signed. The _gui and _image files are used for design time only, and are not needed at runtime.

The SignTree utility is also available as an Operating System command under the bin directory of the installation directory. On Windows, the batch file is called signtree.cmd. On Unix, the script is called signtree.sh. The command line options are the same as described in this section for the SignTree utility. This file should be placed into the iWay home directory. The command will only operate if the iwdevkit extension is in the extensions area. Naturally, the iwdevkit extension should not be distributed to customers.


iWay Software