Specifying how messages that fail signature verification are to be handled

When the SIPN FIN service encounters a message that failed signature verification due to a recoverable error, it can take either of two actions. Which action it takes depends on the setting of the SigVerifError attribute of the CO of type DnfFinParametersSnfil:
keep
The SIPN FIN service employs signature reverification, that is, it keeps the message in the IAMS so that signature verification can be reattempted later.
deliver
The SIPN FIN service does not employ signature reverification. Instead, it flags the message with information that describes the nature of the verification error, and delivers the message to the receiving application. This is the default.
For example, to specify that the SIPN FIN service is to keep such messages in the IAMS for the OU BANKA of instance INST1:
  1. Open the CLI with the following parameters: 
    dnicli -i INST1 -ou SYSOU -s DNI_SYSADM
  2. Issue the following command on a single line: 
    add -ou BANKA -ct DnfFinParametersSnfil -co DnfFinParametersSnfil
    -attr SigVerifError -val keep
  3. Commit, approve, and deploy the changes: 
    com -ou BANKA
app -ou BANKA
dep -ou BANKA

    If dual authorization is enabled, another user with the appropriate access rights must approve the changes before they can be deployed. If dual authorization is disabled, you can skip approving the changes and immediately deploy them.