Procedure: How to Signing a Process Flow Before Distribution to a Run-time Server
As a simple example, consider a case where the process flow is signed before the vendor distributes it to a customer. To test this case, use two different iWay servers for testing (for example, iWay Server A and iWay Server B).
-
Enable a
policy for signing process flows on iWay Server A.
The command is: Set policy signpflow true
To enable a policy for signing process flows inside a specific configuration, for example, base, the command is: Set policy base/signpflow true
-
Create a
simple process flow on iWay Server B, for example, move,
which consists of a Move service.
-
Sign the
process flows before distribution on iWay Server B.
Tool signtree -s SecurityTest.xmlwhere:
- SecurityTest.xml
Is the process flow to be distributed.
-
Verify of
the process flow on iWay Server A where distribution is done internally,
provided the policy is enabled, as described in step 1. Import the
process flow SecurityTest.xml on the run time iWay Server A. Name
the process flow SecurityTest.
The process flow is successfully imported onto iWay Server A as the signature is set.
- On iWay Server A, create a channel containing the process flow SecurityTest inside a route. Build and deploy the channel. Perform a test run on the channel to verify the move process.