Question
Macquarie Group
PH
Last activity: 5 Dec 2017 21:20 EST
Pega Robotics Runtime - Unable to run signed packages with correct certificate
Hi,
We have configured our Pega Robotics Runtime to only run packages that are digitally signed.
I've followed the steps listed here: https://pdn.pega.com/community/product-support/question/configure-robotics-runtime-load-only-signed-packages
I installed the code signing certificate with public key only. However it resulted to a "Unable to verify signing certificate" error (please see attached screenshot) whenever I load the package in Pega Runtime.
The runtime configuration is correct as I used the <DeploymentSecurity signatureCheck="Any"> setting. Would this mean that the generation of my certificate (with public key) is incorrect?
Currently the certificate has Key Usage of: Digital Signature, Non-Repudiation, Key Encipherment.
Is there documentation on what specific settings the certificate with public key should have? Thank you.
I also tested creating a self-signed cert with public key and this worked. However we can't use self-signed certificates as these are insecure.
Pegasystems Inc.
US
I believe this post covers what you're trying to do. https://collaborate.pega.com/question/configure-robotics-runtime-load-only-signed-packages
Macquarie Group
PH
Hi grona,
Thanks for your reply. I followed that as I mentioned in my original post. However I got the error of "Unable to verify signing certificate"
Currently the certificate has Key Usage of: Digital Signature, Non-Repudiation, Key Encipherment.
Is there documentation on what specific settings the certificate with public key should have?
Thanks for your help.
Regards,
Bryan