Verify attachment’s signature

The action is complementary to the Sign an attachment action.
It is used to validate digital signatures applied to the attachments of the workflow instance.
The action also verifies the certificate’s source and issuer, returns the validation results according to the configuration, and determines the behavior of the system in the event of a failed validation.

1. Attachments to be processed

Specify how source files are selected for the validation process, either by defining a Category, Regular expression or an SQL query.

2. Verification parameters

The section allows you to determine the following:

• Validation level – verification may cover the validity of the signature itself or both the signature and the trusted certificate.
• Certificate issuer filter – limits the usable digital signatures to those issued by approved sources. The value entered here is then checked against the value in the Issuer field from the certificate’s (signature’s) properties.
• Behavior – indicate how the system will behave after verification of the signature.
  If the Information checkbox is selected, the system will allow the workflow to progress down the path regardless of the verification result, and the verification outcome will be logged in the system. On the other hand, if the Block transition box is checked and the signature verification fails, the system will not only log the verification outcome, but also block the path and deny entry to the next step.

3. Verification results

Form fields in which information about the outcome of the verification process is contained (the information logged in these form fields can then be used further in the workflow).

4. Variables editor

Dynamically generated tree containing all variables that may be used in the current location of Designer Studio. Information on how to use variables in WEBCON BPS, as well as a list of variables can be found here.