Digital Signatures and Certificates

The TIBCO iProcess Web Services Plug-in supports the use of SOAP digital signatures and digital certificates that conform to the X.509 standard. Certificates are used to verify your identity by means of a trusted third party (for example, Verisign).The following diagram shows how certificates can be used:

The following figure shows how SOAP digital signatures using public/private key encryption work.

How to accomplish this with the TIBCO iProcess Web Services Plug-in

1. Certificates - in a test environment, generate the certificate using your preferred tool. In a production environment, you should obtain a signed certificate from a trusted third party. Put the certificate in the SOAP/SSL Security keystore that you specified when you installed iProcess Web Services Plug-in. For more information see the TIBCO iProcess Web Services Server Plug-in Installation Guide and TIBCO iProcess Web Services Client Plug-in Installation Guide.

Signatures - generate the signature using your preferred tool.

Note 

The Java Development Kit (JDK) provides a command line tool called keytool located in the %JAVA_HOME%/bin directory of the JDK. You can use this tool to generate and store public/private keys. For more information, seehttps://docs.oracle.com/en/java/javase/11/security/java-security-overview1.html. There are also several tools available that use graphical interfaces.

2. Specify the signature or certificate details in the Security Profile Administrator (see Setting Up and Managing Security Profiles).