Spotfire Developer Documentation

Signing a mod using Package Builder

Spotfire visualization mods are visualizations created using web technologies such as JavaScript or TypeScript, that run in the provided framework within Spotfire clients. Similarly, an action mod contains one or more scripts that can be triggered by actions done when using an analysis. Mods can be created and uploaded to a Spotfire library by any user with sufficient privileges. When mods are developed for a particular Spotfire environment, they can be signed by the user account that loads the mod project into Spotfire. However, if you want your mods to be signed in all environments, and possible to distribute to more people, you should use a certificate created by a certificate authority (CA) to sign your mods. You can sign a mod project, or a mod file, using the Spotfire Package Builder console by following the steps in this topic.

Before you begin

See the Spotfire Mods website on GitHub for instructions on how to develop mods.

  • You must have a code signing certificate from a trusted CA.
  • Use the Spotfire Package Builder console version 11.0 or later.

Procedure

  1. Open a command prompt in your Package Builder folder.
  2. Enter the needed information for the signing command.
    In this example, a signed .mod file is built using the following settings and prerequisites:
    • The target type is "mod".
    • The manifest file for the mod project (specified with the argument /mod-manifest) is "D:\Mods\Examples\my-mod\src\mod-manifest.json".
    • The target (the path and file name of the resulting signed .mod file) is "D:\Mods\Examples\signedmods\my-mod_signedmod.mod".
    • The resulting .mod file is signed by a local certificate stored in StoreLocation "CurrentUser", StoreName "TrustedPeople", FindType "FindByThumbprint" and ThumbprintId "f3ef5f85dc02480d1a0c4a4949405a06d9d9b5ff".
    Command line example: 
    .\Spotfire.Dxp.PackageBuilder-Console.exe /targettype:mod /mod-manifest:"D:\Mods\Examples\my-mod\src\mod-manifest.json" /target:"D:\Mods\Examples\signedmods\my-mod_signedmod.mod" /localcert:"CurrentUser:TrustedPeople:f3ef5f85dc02480d1a0c4a4949405a06d9d9b5ff:FindByThumbprint" /password:mycompanypassword
  3. Run the command in the command prompt.

Results

The signed .mod file is found in the specified target location.

Example: Signing or re-signing a .mod file

You can also sign an existing .mod file (exported from the Spotfire client or built using Package Builder): 

.\Spotfire.Dxp.PackageBuilder-Console.exe /targettype:mod /sign /target:"D:\Mods\Examples\signedmods\re-signedmod.mod" /localcert:"CurrentUser:TrustedPeople:FindByThumbprint:f3ef5f85dc02480d1a0c4a4949405a06d9d9b5ff"

Read more about trust in the Spotfire environment in the Spotfire Server – Installation and Administration Manual.

See also Examples of building using the Package Builder console.

Copyright © Cloud Software Group, Inc. All rights reserved.