Table of Contents

Search

  1. Preface
  2. Part 1: Installation Getting Started
  3. Part 2: Before You Install the Services
  4. Part 3: Run the Services Installer
  5. Part 4: After You Install the Services
  6. Part 5: Informatica Client Installation
  7. Part 6: Uninstallation
  8. Appendix A: Starting and Stopping Informatica Services
  9. Appendix B: Connecting to Databases from UNIX or Linux
  10. Appendix C: Updating the DynamicSections Parameter of a DB2 Database

Installation for Data Engineering

Installation for Data Engineering

Installer Code Signing

Installer Code Signing

You can verify the signature of the Informatica software code.
Informatica uses a certificate based digital signature to sign the Informatica software code. The code signing helps to validate the authenticity of the code and ensures that there has been no changes or corruptions to the code after Informatica signs the code. You can determine whether to trust the software based on whether the code sign is present or not.
You can request a code signing certificate that contains information that fully identifies Informatica LLC and a Certificate Authority (CA) that issues the certificate. The digital certificate binds the identity of Informatica to a public key and to a private key.
Digital signing of software begins with the creation of a cryptographic hash, or a digest. The digest has a one to one correspondence with the original data. Use the digest as there are no hints on how to recreate the original data, and even a small change in the original data results in a change in the hash value. Informatica uses its private key to sign the digest, or generates a signature in the form of a string of bits. Good digital signature algorithms allow a user with the public key to verify the creator of the signature.

To Verify the Signed Code is Authentic

After Informatica signs the software bundle, you can contact Informatica Global Customer Support to access the code signing certificate. Informatica ships the installer along with the signature file that contains the hash of the installer binary encrypted with Informatica's private key. You can validate the integrity of digitally signed binaries using any available tools, such as OpenSSL.
For instance, if you have to verify the package authentication and confirm the code security, enter the following OpenSSL commands:
openssl base64 -d -in $signature -out /tmp/sign.sha256 openssl dgst -sha256 -verify <(openssl x509 -in <cert> -pubkey -noout) -signature /tmp/sign.sha256 <file>
Where
<signature>
is the file containing the signature in Base64,
<cert>
is the code signing certificate, and
<file>
is the file to verify.
Based on verification process, OpenSSL displays a success or error message to validate if the installer code is genuine or not. Note that the verification for the installer might take around two minutes.

0 COMMENTS

We’d like to hear from you!