XML - Sign

Declaration:

<AMXMLSIGN SIGNUSING="text [options]" KEYCONTAINERNAME="text" KEYCONTAINERLEVEL="text" KEYPAIRFILE="text" PASSWORD="text"/>

See Also:

XML - Create Node | XML - Create Session | XML - Dataset to XML | XML - Delete Node | XML - Edit Node | XML - End Session | XML - Evaluate Xpath | XML - Export | XML - Import | XML - Node to Dataset | XML - Read Node | XML - Save | XML - Transform | XML - Validate | XML - Verify

Sign XML Document

Declaration:

<AMXMLSIGN SIGNUSING="text [options]" KEYCONTAINERNAME="text" KEYCONTAINERLEVEL="text" KEYPAIRFILE="text" PASSWORD="text"/>

See Also:

Create XML Node | Dataset to XML | Delete XML Node | Edit XML Node | End XML Session | Evaluate Xpath Expression | Extract XML Fragment | Merge XML Files | Output XML | Read XML Node | Sign XML Document | Start XML Session | Transform XML | Validate XML File | Verify XML Document | XML Node to Dataset

Description

Signs an XML file with the specified key. Signing an XML file provides a means of verification that the file has not been modified. Use the Verify XML Document action XML - Verify activity to verify a previously signed XML file. Signatures can be added using Key Container or Public/Private Key files generated using the Generate Key Files action.

IMPORTANT: AutoMate's XML actions require a basic understanding of XML and related terms, such as XPath, DTD and XSLT.

Practical Usage

Used to verify if anyone has changed the original XML file.

Parameters

General Properties

Property

Type

Req'd

Default

Markup

Description

Sign using

Text (options)

No

Key Container

SIGNUSING="Keyfile"

The method in which to sign the XML document. The available options are:

  • Key Container (default) - Signing will be performed using a key container.  

  • Key File - Signing will be performed using a key file (normally a pri or .pfx file). You can generate a key file using the Generate Key File action.

NOTE: Different parameters become available depending on which option is selected.

Key container name

Text

Yes if signing method is Key Container

(Empty)

KEYCONTAINERNAME="Automate"

The name of the key container to identify which private or public key to use. You can select the key container by clicking the Select Key Container button. This opens a key container browser allowing you to select from a list of available keys. This parameter is available only if the Sign Using parameter is set to Key Container.

Key container level

Text

No

User

KEYCONTAINERLEVEL="Machine"

Specifies the level in which the keys are stored. This parameter is available only if the Sign Using parameter is set to Key Container. The available options are:

  • User Level (Default)

  • Machine Level

Keypair file

Text

Yes if signing method is Key File

(Empty)

KEYPAIRFILE="c:\temp\secret.pri"

The path and file name of the public key (.pfx or .pri) file on your system in which to sign the document with. This parameter is available only if the Sign Using parameter is set to Key File.

Password

Text

Yes if signing method is Key File

(Empty)

PASSWORD="encrypted"

The password used to authenticate the public key. This is normally required during creation of the private key (usually used for .pfx file). This parameter is available only if the Sign Using parameter is set to Key File.

Session Name

Text

No

XMLSession1

SESSIONNAME="FirstXMLSession"

The session name created by a previous Start XML Session step that this action should identify with. This allows several in-memory XML documents to be active simultaneously within the same task.

 

Comparing Machine-Level and User-Level RSA Key Containers

Comparing Machine-Level and User-Level RSA Key Containers

User-level RSA key containers are stored with the Windows user profile for a particular user and can be used to encrypt and decrypt information for applications that run under that specific user identity. User-level RSA key containers can be useful if you want to ensure that the RSA key information is removed when the Windows user profile is removed. However, because you must be logged in with the specific user account that makes use of the user-level RSA key container in order to encrypt or decrypt protected configuration sections, they are inconvenient to use.

Machine-level RSA key containers are available to all users that can log in to a computer, by default, and are the most useful as you can use them to encrypt or decrypt protected configuration sections while logged in with an administrator account. A machine-level RSA key container can be used to protect information for a single application, all the applications on a server, or a group of applications on a server that run under the same user identity. Although machine-level RSA key containers are available to all users, they can be secured with NTFS Access Control Lists (ACLs) so that only required users can access them.

Notes

Custom Description

This action includes the Description tab for entering a custom step description.

More on setting custom step description

Standard Error Handling Options

This action also includes the standard Error Causes and On Error failure handling options/tabs.

More on Error Handling Options

Variables and Expressions

All text fields allow the use of expressions, which can be entered by surrounding the expression in percentage signs (example: %MYVARIABLE%, %Left('Text',2)%). To help construct these expressions, you can open Expression Builder from these fields by pressing F2.

More on variables
More on expressions

More on the expression builder

Example

NOTE: The code below can be copied and pasted directly into the Steps pane of the Task Builder.

 

Example 1 -  Sign XML document using key container (level USER).

 

<AMXMLSIGN SIGNUSING="KEYCONTAINER" KEYCONTAINERNAME="myContainer" KEYCONTAINERLEVEL="USER" SESSION="myXMLSession" />

 

 

Example 2 -  Sign XML file using a public/private key pair file.

 

<AMXMLSIGN SIGNUSING="KEYFILE" KEYPAIRFILE="C:\Temp\myKey.pri" PASSWORD="AM2h7iOD6MfRFWVuJkPsR9EVea4/Q/CHyVVaME" SESSION="myXMLSession" />

 

↑ Top of Page