About log signing
The server supports the ability to cryptographically sign a log to ensure that it has not been modified in any way.
For example, financial institutions require audit logs for all transactions to check for correctness. Tamper-proof files are needed so that these transactions can be properly validated and shown not to have been modified by any third-party entity or internally by unscrupulous employees.
Use the dsconfig tool to enable the sign-log property on a log publisher to turn on cryptographic signing.
When enabling signing for a logger that already exists and was enabled without signing, the first log file is not completely verifiable because it still contains unsigned content from before signing was enabled. Only log files whose entire content was written with signing enabled are considered completely valid. For the same reason, if a log file is still open for writing, then signature validation does not indicate that the log is completely valid because the log doesn’t include the necessary end signed content indicator at the end of the file.
To validate log file signatures, use the validate-file-signature tool provided in the bin directory of the server or the bat directory for Windows systems.
After you have enabled this property, you must disable and then re-enable the log publisher for the changes to take effect.
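The validation outcomes described above (a fully signed and closed file, a file still open for writing, a file that carries unsigned content from before signing was enabled, and a modified file) as an added Python illustration; this is not the server's code or file format. The key, the START/END marker lines and the chained HMAC are constructed assumptions standing in for the real signing scheme used by validate-file-signature.

```python
import hashlib
import hmac

# Constructed demo key and markers; the server's real key handling and
# on-disk format are not reproduced here.
KEY = b"constructed-demo-key"
START = "#SIGNED-START"
END = "#SIGNED-END:"


def chain_mac(records):
    """Fold each record into a running HMAC so that edits, deletions and
    reordering anywhere inside the signed region change the final value."""
    mac = b""
    for record in records:
        mac = hmac.new(KEY, mac + record.encode(), hashlib.sha256).digest()
    return mac


def write_log(records, unsigned_prefix=(), closed=True):
    """Model a log file. `unsigned_prefix` are records written before signing
    was enabled; closed=False models a file still open for writing, which has
    no end signed content indicator yet."""
    lines = list(unsigned_prefix) + [START] + list(records)
    if closed:
        lines.append(END + chain_mac(records).hex())
    return lines


def validate(lines):
    """Classify a log: only a file whose entire content was written under
    signing and that carries the end indicator is completely valid."""
    if START not in lines:
        return "unsigned"
    start = lines.index(START)
    if not lines[-1].startswith(END):
        return "incomplete"          # still open, or truncated after the fact
    body = lines[start + 1:-1]
    expected = bytes.fromhex(lines[-1][len(END):])
    if not hmac.compare_digest(chain_mac(body), expected):
        return "tampered"
    # Content before START was never covered by a signature.
    return "valid" if start == 0 else "partially-verifiable"


if __name__ == "__main__":
    log = write_log(["add uid=1", "modify uid=1"])
    print(validate(log))
    print(validate(write_log(["add uid=2"], closed=False)))
```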