The XML Signature command is available in Authentic View when the associated SPS has XML Signatures enabled. The XML Signature command is also available as the XML Signature toolbar icon in the Authentic toolbar.
Verification and own certificate/password
Clicking the XML Signature command starts the signature verification process. If no signature is present in the document, a message to that effect is displayed in the XML Signature dialog (see screenshot below), and the dialog will have a button that enables the Authentic View user to sign the document.
If the Select Own Certificate or Select Own Password button is present in this dialog, it means that the Authentic View has been given the option of selecting an own certificate/password. (Whether a certificate or password is to be chosen has been decided by the SPS designer at the time the signature was configured. The signature will be either certificate-based or password-based.) Clicking either of these buttons, if present in the dialog, enables the Authentic View user to browse for a certificate or to enter a password. The Authentic View user's selection is stored in memory and is valid for the current session only. If, after selecting a certificate or password, the document or application is closed, the certificate/password setting reverts to the setting originally saved with the SPS.
Verification and authentication information
If the verification process is run on a signed document, two general situations are possible. First: If the authentication information is available (in the signature or the SPS), then the verification process is executed directly and the result is displayed (screenshot below).
Authentication information is either the signing certificate's key information or the signing password. The SPS designer can specify, in the XML Signature Settings, that the certificate's key information be saved in the signature, or that the password be saved in the SPS. In either of these cases, the authentication is available. Consequently the verification process will be run directly, without requiring any input from the Authentic View user.
The second possible general situation occurs when authentication information is not available in the signature (password not saved) or SPS file (certificate's key information not saved). In this situation, the Authentic View user will be asked to supply the authentication information: a password (see screenshot below) or the location of a certificate.
© 2019 Altova GmbH