Validating a signed file - PingDirectory

Page created: 26 Jul 2021 |

Page updated: 7 Dec 2022

| 1 min read

9.0 Product PingDirectory Directory Capability Product documentation Content Type Administration User task IT Administrator Administrator Audience Software Deployment Method Monitoring and Management System Administrator

The Directory Server provides a tool, validate-file-signature, that checks if a file has not been tampered with in any way.

Run the validate-file-signature tool to check if a signed file has been tampered with.

For this example, assume that the sign-log property was enabled for the File-Based Audit Log Publisher.

$ bin/validate-file-signature --file logs/audit

All signature information in file 'logs/audit' is valid

Note:

If any validations errors occur, you will see a message similar to the one as follows.

One or more signature validation errors were encountered 
while validating the contents of file 'logs/audit':
* The end of the input stream was encountered without 
  encountering the end of an active signature block.  
  The contents of this signed block cannot be trusted 
  because the signature cannot be verified