With the Digital Signature policy, the content signing process is done by selecting the part of the message to be signed, the part to which this message will be added after it is signed, the signing algorithm and the signing key.

Multiple signing operations can be performed with different settings in a message.

The image containing the policy settings is given below:


The policy fields are shown in the table below.

Field

Description

Description

A description can be written to facilitate the use and management of the policy.

Signing Definitions

This is the section where the settings of the fields to be signed of the message are set. More than one can be added.

  

The image containing the signature definition settings is given below:


Signature definition fields are shown in the table below.

Field

Description

Sort Description

A short description of this signature definition can be entered.

Signed Content's Location

A variable is selected or defined to determine where the signed content is placed in the message.

Part of Message to Sign

A variable is selected or defined to determine which part of the message will be signed.

Algorithm

The signing algorithm is chosen:

  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • NONEwithDSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA

Variable for Algorithm

If the name of the signature algorithm is desired to be sent in the message, a variable is selected or defined to determine where to put it.

Key or Certificate

It can use a specific key or a certificate containing a key.

Encryption Key

If the key is selected, existing keys are selected for encryption or a new key is generated.

Certificate

If the certificate is selected, existing certificates are selected for encryption or a new certificate is created.

Encoding for Signed Content

The encoding of the signed content is chosen:

  • Base64
  • Hexadecimal

  

To learn more about adding or managing new keys or certificates, you can visit the Secret Manager page.

You can visit the Policies page for the details of the Conditions and Error Message Customization panels.