Verifying object signatures
You can use Digital Certificate Manager (DCM) to verify the authenticity of digital signatures on objects. When you verify the signature, you ensure that the data in the object has not been changed since the object owner signed the object.
Signature verification prerequisites
Before
you can use DCM to verify signatures on objects, you must ensure that certain
prerequisite conditions are met:
- You must have created the *SIGNATUREVERIFICATION certificate store to manage
your signature verification certificates. Note: You can perform signature verification while working within the *OBJECTSIGNING certificate store in cases where you are verifying signatures for objects that were signed on the same system. The steps that you perform to verify the signature in DCM are the same in either certificate store. However, the *SIGNATUREVERIFICATION certificate store must exist and must contain a copy of the certificate that signed the object even if you perform signature verification while working within the *OBJECTSIGNING certificate store.
- The *SIGNATUREVERIFICATION certificate store must contain a copy of the certificate that signed the objects.
- The *SIGNATUREVERIFICATION certificate store must contain a copy of the CA certificate that issued the certificate that signed the objects.
Use DCM to verify signatures on objects
To use DCM to verify object signatures, follow these steps:
You can also, use DCM to view information about the certificate that signed an object. This allows you to determine whether the object is from a source that you trust before you work with the object.