Inspection sheet's format
The result of a validation is an inspection sheet. This inspection sheet contains the results of the validation and provides detailed information on how the result was achieved. In this dialogue section, you can decide whether the inspection sheet is created as an HTML, PDF or XML file.
· HTML: The inspection sheet can be displayed in a browser.
· PDF: The inspection sheet can be displayed in any PDF reader.
· XML: The inspection sheet in XML format can be transferred, for example, to automatic evaluation software or long-term storage software.
The file extension of the inspection sheet is defined according to the selection you have made. In the following examples, the PDF format was selected for the output of the inspection sheet. The file names of the signed files are extended as follows for the inspection sheet:
· Example.txt.p7s.pdf
· Example_signed.xml.pdf
· Example_signed.pdf.pdf
Add the "_validation-protocol.<file-format>" extension to the inspection sheet
If you want the name of the inspection sheet file to differ more clearly from the name of the signed file, you can change the filename of the inspection sheet in this dialogue section, in which case the filename is extended as follows:
_validation.protocol.<file-format>
Here, <file-format> stands for the previously selected format of the inspection sheet file, i.e. either HTML, PDF or XML. If you want to extend the filename to this format, select the checkbox left or the description-text, see also Figure 28. In the following examples, the PDF format was selected for the output of the inspection sheet:
· Example.txt.p7s_validation-protocol.pdf
· Example_signed.xml_validation.protocol.pdf
· Example_signed.pdf_validation.protocol.pdf
Validation service
Use the functionality "Validate" to check whether an electronically signed file is unchanged (integrity) and the signature really originates from the given person (authenticity). Furthermore, it is validated whether the signature certificate has been valid at signing time. This process is described in chapter 6.5.
For validation Governikus DATA Boreum must connect to a validation service. The validation service executes the validation. The validation service is part of the Governikus Suite. You will get the connection data from your system administrator. You can get the required parameters for the following input fields from your Governikus system administrator.
· Server name: Enter the URL to the validation service here. The URL has this structure: https://<server>:8443/CertificateValidationServer/cvs. Where <server> is the name of the server on which the validation service is operated.
· Currently valid and future valid certificate: The certificate that is uploaded here is used to validate the signed response of the Validation Service. Thus, it is assured that the response is returned by the Validation Service that you have configured on this tab. Certificates must be renewed in time before they expire. For a smooth exchange of certificates, you can additionally upload the "Future valid certificate" that will replace the "Currently valid certificate" in the future. The certificate exchange is automated. On every validation-request Governikus DATA Boreum checks whether the certificate is still valid. If the certificate is no longer valid, it is automatically deleted and the certificate from the row "Future valid certificate" is moved to the row "Currently valid certificate". If no valid certificates are available the validation of the signature contained in the response of the Validation Service fails.
- Currently valid certificate: Upload the currently valid certificate here, see next item "Load certificate".
- Future valid certificate: You can upload another certificate in this row. This certificate is used to replace the currently valid certificate after it has expired.
· Load certificate: Use this button to upload a new certificate. In your file system navigate to the directory where the certificate is saved. The certificate is given to you by your administrator. The file must have the suffix .cer or .crt. ATTENTION: If a certificate already exists, it will be replaced without warning.
· Display certificate: Click this button to display the certificate in a separate window. This button is only active if a certificate was loaded. After loading a certificate, the button is labelled with the certificate owner's name.
- You can either close the dialog with the OK button or
- Save the certificate as a file with the "Save" button.
- Use the "Validate" button for an online validation of the certificate. The inspection sheet is displayed in a separate window.
· Cancel: If you use the cancel-button the dialog is closed. If you have changed the configuration the changes are omitted.
· Save: If you click the save-button the connection data is validated. If a connection can be established with the above data the connection data is saved and the dialog is closed.
The following figure shows the "Validation" tab with an example setting.
Figure 28: Validation tab
Shortcuts on this dialog
· Alt + c = the selected certificate is displayed
· Alt + l = load certificate from file