With the Digital Signature Verification policy, the signed incoming message is verified.

Multiple signature verifications, each with its own settings, can be performed on a single message.

The image containing the policy settings is given below:


The policy fields are shown in the table below.

Field

Description

Description

A description can be written to facilitate the use and management of the policy.

Verification Definitions

This is the section where the signature fields of the message to be verified are set. More than one verification definition can be added.

The image containing the verification definition settings is given below:


Verification definition fields are shown in the table below.

Field

Description

Short Description

A short description of this signature verification definition can be entered.

Part of Message that is Signed

A variable is selected or defined to determine which part of the message is signed.

Signed Content's Location

A variable is selected or defined to determine where the signed content is placed within the message.

Source of Algorithm

The algorithm used for the signing process can be selected or taken directly from the request message:

  • Specify the Algorithm: If this option is selected, the algorithm to use must be specified manually.
  • Find in Request: If this option is selected, the location in the message from which the signing algorithm is read must be specified.

Algorithm

If Source of Algorithm is set to Specify the Algorithm, the signature algorithm is selected:

  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • NONEwithDSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA

Variable for Algorithm

If Source of Algorithm is set to Find in Request, a variable is selected or defined from which the name of the algorithm is read for the message.

Key Or Certificate

Verification can use a specific key or a certificate containing a key.

Key

If Key is selected, an existing key can be selected or a new key can be generated for the signature verification.

Certificate

If Certificate is selected, an existing certificate can be selected or a new certificate can be generated for the signature verification.

Encoding For Signed Content

The encoding of the signed content is chosen:

  • Base64
  • Hexadecimal
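
The following is an added example, not code from this product: it shows what one verification definition amounts to when expressed with the Java `java.security.Signature` API, whose standard algorithm names match the list above. The class name, the `verify` helper, the sample message and the `ALLOWED` allowlist are assumptions made for illustration; the allowlist shows one way to constrain an algorithm name that arrives through Find in Request.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.HexFormat;
import java.util.Set;

public class SignatureVerificationExample {
    // Assumption: an allowlist applied when the algorithm name is read from the request.
    static final Set<String> ALLOWED = Set.of("SHA256withRSA", "SHA384withRSA", "SHA512withRSA");

    // Mirrors one verification definition: signed part, signature value, algorithm, key, encoding.
    static boolean verify(String signedPart, String signature, String algorithm,
                          PublicKey key, String encoding) {
        if (!ALLOWED.contains(algorithm)) return false;   // reject weak or unexpected names
        try {
            byte[] sig = switch (encoding) {
                case "Base64" -> Base64.getDecoder().decode(signature);
                case "Hexadecimal" -> HexFormat.of().parseHex(signature);
                default -> throw new IllegalArgumentException("unknown encoding");
            };
            Signature verifier = Signature.getInstance(algorithm);
            verifier.initVerify(key);
            verifier.update(signedPart.getBytes(StandardCharsets.UTF_8));
            return verifier.verify(sig);
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false;                                  // malformed input fails closed
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a throwaway RSA key pair and message body.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String body = "{\"amount\":100}";

        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(pair.getPrivate());
        signer.update(body.getBytes(StandardCharsets.UTF_8));
        byte[] raw = signer.sign();
        String b64 = Base64.getEncoder().encodeToString(raw);
        String hex = HexFormat.of().formatHex(raw);

        System.out.println(verify(body, b64, "SHA256withRSA", pair.getPublic(), "Base64"));
        System.out.println(verify(body, hex, "SHA256withRSA", pair.getPublic(), "Hexadecimal"));
        System.out.println(verify(body + " ", b64, "SHA256withRSA", pair.getPublic(), "Base64")); // altered body
        System.out.println(verify(body, b64, "MD5withRSA", pair.getPublic(), "Base64")); // outside allowlist
    }
}
```

The example requires Java 17 or later for `HexFormat` and the switch expression.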


To learn more about adding or managing new keys or certificates, you can visit the Secret Manager page.

You can visit the Policies page for the details of the Conditions and Error Message Customization panels.