English
  • Shared Content for Data Engineering 10.2.2
  • All Products

Table of Contents

Search

  1. Installation Getting Started
  2. Before You Install the Services
  3. Run the Big Data Suite Installer
  4. After You Install the Services
  5. Install the Developer Tool
  6. Uninstallation
  7. Starting and Stopping Informatica Services
  8. Connecting to Databases
  9. Updating the DynamicSections Parameter of a DB2 Database

Installation and Configuration Guide

Installation and Configuration Guide

Back Next

Installer Code Signing

Installer Code Signing

You can verify the signature of the Informatica software code.
Informatica uses a certificate based digital signature to sign the Informatica software code. The code signing helps to validate the authenticity of the code and ensures that there has been no changes or corruptions to the code after Informatica signs the code. You can determine whether to trust the software based on whether the code sign is present or not.
You can request a code signing certificate that contains information that fully identifies Informatica LLC and a Certificate Authority (CA) that issues the certificate. The digital certificate binds the identity of Informatica to a public key and to a private key.
Digital signing of software begins with the creation of a cryptographic hash, or a digest. The digest has a one to one correspondence with the original data. Use the digest as there are no hints on how to recreate the original data, and even a small change in the original data results in a change in the hash value. Informatica uses its private key to sign the digest, or generates a signature in the form of a string of bits. Good digital signature algorithms allow a user with the public key to verify the creator of the signature.

To Verify the Signed Code is Authentic

After Informatica signs the software bundle, you can contact Informatica Global Customer Support to access the code signing certificate. Informatica ships the installer along with the signature file that contains the hash of the installer binary encrypted with Informatica's private key. You can validate the integrity of digitally signed binaries using any available tools, such as OpenSSL.
For instance, if you have to verify the package authentication and confirm the code security, enter the following two OpenSSL commands: 
openssl base64 -d -in $signature -out /tmp/sign.sha256
openssl dgst -sha256 -verify (openssl x509 -in <cert> -pubkey -noout) -signature /tmp/sign.sha256 <file>
Where
<signature>
 is the file containing the signature in Base64,
<cert>
 is the code signing certificate, and
<file>
 is the file to verify.
If the verification is successful, OpenSSL displays a message to validate if it is a successful certificate or not. To verify the 10.2.2 Informatica server installer on Linux, it might take around two minutes.