Verify attachment’s signature
The action is complementary to the Sign an attachment action.
It is used to validate digital signatures applied to the attachments of the workflow instance.
The action also verifies the certificate’s source and issuer, returns the validation results according to the configuration, and determines the behavior of the system in the event of a failed validation.
In the simplest scenario, when defined on the Attachments menu trigger, the action will display the result of the verification to the user.
For other triggers (those that force the instance to save, e.g. On path, Upon instance saving), there are additional configuration options that allow the verification results to be saved in specified form fields.
These can be technical fields in read-only mode. The result can be saved in a Yes/No choice field, while the details and log can be placed in a Multiple lines of text field.
Once saved in appropriate fields, the result can then be used in comparisons that control the business logic.
1. Attachments to be processed
Specify how source files are selected for the validation process: by defining a Category, a Regular expression or an SQL query.
2. Verification parameters
The section allows you to determine the following:
- Validation level – verification may cover the validity of the signature itself or both the signature and the trusted certificate.
- Certificate issuer filter – limits the usable digital signatures to those issued by approved sources. The value entered here is then checked against the value in the Issuer field from the certificate’s (signature’s) properties.
- Behavior – indicate how the system will behave after verification of the signature.
If the Information checkbox is selected, the system will allow the workflow to progress down the path regardless of the verification result, and the verification outcome will be logged in the system. On the other hand, if the Block transition box is checked and the signature verification fails, the system will not only log the verification outcome, but also block the path and deny entry to the next step.
3. Verification results
Specify the form fields in which information about the outcome of the verification process will be saved (the information logged in these form fields can then be used further in the workflow).
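A minimal model of how the Validation level, Certificate issuer filter and Behavior settings from section 2 combine into the result fields from section 3, added here as an illustration and not WEBCON BPS code. The Outcome record, the function names, substring matching for the issuer filter and the rule that every file must pass are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Outcome:
    """Constructed stand-in for what a signature check found on one attachment."""
    name: str
    signature_valid: bool   # signature matches the file content
    chain_trusted: bool     # signing certificate chains to a trusted root
    issuer: str             # Issuer field of the signing certificate

def verify(att, level, issuer_filter):
    """Return (ok, reason). level is 'signature' or 'signature+certificate'."""
    if not att.signature_valid:
        return False, "signature invalid"
    if level == "signature+certificate" and not att.chain_trusted:
        return False, "certificate not trusted"
    # Assumption: the filter is a case-insensitive substring match on Issuer.
    if issuer_filter and issuer_filter.lower() not in att.issuer.lower():
        return False, "issuer not approved"
    return True, "ok"

def run_action(attachments, level, issuer_filter, behavior):
    """behavior is 'information' (log only) or 'block' (deny the path on failure)."""
    results = [(a.name, *verify(a, level, issuer_filter)) for a in attachments]
    verified = all(ok for _, ok, _ in results)  # assumption: every file must pass
    return {
        "verified": verified,                                      # Yes/No choice field
        "log": "\n".join(f"{n}: {why}" for n, _, why in results),  # multi-line text field
        "transition_allowed": verified or behavior == "information",
    }

# Constructed sample: annex.pdf carries an intact signature from a certificate
# that names the approved issuer but does not chain to a trusted root.
SAMPLE = [
    Outcome("contract.pdf", True, True, "CN=Example Corp Issuing CA"),
    Outcome("annex.pdf", True, False, "CN=Example Corp Issuing CA"),
]

if __name__ == "__main__":
    for level in ("signature", "signature+certificate"):
        for behavior in ("information", "block"):
            print(level, behavior, run_action(SAMPLE, level, "Example Corp", behavior))
```

In this model the second file passes at the signature-only level because the issuer filter compares only the Issuer text, and with Information behavior a failed check still lets the path proceed, so the workflow has to test the saved Yes/No field itself.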
4. Variables editor
Dynamically generated tree containing all variables that may be used in the current location of Designer Studio. Information on how to use variables in WEBCON BPS, as well as a list of variables can be found here.
In addition to signatures made with server certificates, it is possible for the user to apply a personal signature, or use one of the many available external tools. These methods are described in a series of community articles.