Question
Virtusa
US
Last activity: 23 Aug 2018 19:06 EDT
Configure Robotics Runtime to load only signed packages
Hi,
we want to configure Pega Robotics Runtime such that, it will runs only the packages which are digitally signed.
Idea is to, stop running automations which are not signed.
Please let me know if there is a way of doing this.
Thanks & Regards
J Naresh Kumar
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Pegasystems Inc.
US
Naresh,
There is such a way to do so. You will need to acquire a code signing certificate to encrypt the deployment package. On the development machine you will install this code signing certificate with private key on to the development machine.
After the code signing certificate has been installed and you are ready to deploy the package, you will need to sign the deployment package with the use of the Project Deployment Signing Certificate browser.
Navigate to the code signing certificate that was installed earlier to sign the package.
On the Runtime machine, you will need to install the same code signing certificate without private key (public key only). After installing the code signing certificate with public key, you will need to adjust the user's (%appdata%/openspan) runtimeconfig.xml to indicate that the package downloaded requires a signing certificate in the security section of the runtimeconfig.xml
Below is a link that goes into detail of the security settings for the runtimeconfig.xml. The information can be found under the DeploymentSecurity section.
Naresh,
There is such a way to do so. You will need to acquire a code signing certificate to encrypt the deployment package. On the development machine you will install this code signing certificate with private key on to the development machine.
After the code signing certificate has been installed and you are ready to deploy the package, you will need to sign the deployment package with the use of the Project Deployment Signing Certificate browser.
Navigate to the code signing certificate that was installed earlier to sign the package.
On the Runtime machine, you will need to install the same code signing certificate without private key (public key only). After installing the code signing certificate with public key, you will need to adjust the user's (%appdata%/openspan) runtimeconfig.xml to indicate that the package downloaded requires a signing certificate in the security section of the runtimeconfig.xml
Below is a link that goes into detail of the security settings for the runtimeconfig.xml. The information can be found under the DeploymentSecurity section.
http://help.openspan.com/80/Platform_Configuration/RuntimeConfigXML.htm
You will also need to fill out the storelocation and subject of the code signing certificate that should be used to decrypt the package on the Runtime machine inside of the Security section.
Thanks,