Skip to main content

Veritran Docs

Security

The Veritran platform allows you to add a layer of security to transactions by encrypting their content.

To simplify the use of cryptographic operations, the cryptographic engine works with crypto profiles, which contain parameters like keys, padding, sizes, and more. The system loads the crypto profile configurations on start up or warm boot and operates with the configurations called from a crypto profile code.

Read the section below for details on how to implement PKI, AES or GPG cryptography in your app. Refer to OpenSSL Commands or GPG Commands for a list of command examples.

Implement Cryptography (PKI, AES or GPG)

  1. From your OS’s terminal, copy the key files to the server. Their location might be the standard /veritran/certs/ path. As an alternative, a user-defined path is allowed.

  2. Open Middleware and create a certificate entry that references the key files you copied.

  3. Fill in the New Certificate modal fields as indicated below:

    Code

    Type the 4-digit certificate code. Keep this code at hand for step 5, since you will create a crypto profile code that must match this certificate code.

    Product

    If you’re configuring a crypto profile for a specific product, select the product from the drop-down menu.

    Type

    If it is for Sign, select CodeSign, if not, leave the field empty.

    Install Date

    Select the date of inserted record.

    Description

    Write a brief description of the crypto profile.

    Purpose

    Define the purpose of the certificate.

    KeyStorePSW

    Type the password for the keystore file copied in step 1 of this procedure.

    Alias Name

    Enter an alias for the keystore file.

    Alias PSW

    Enter the alias password.

    Path

    Type the absolute path to the pkcs12 keystore or the X509 certificate in PEM format. This path should match the path copied in step 1 of this procedure.

    Valid From

    Leave this field blank.

    Valid Until

    Leave this field blank.

  4. Save and restart VT NET processes.

  5. In the SQL editor, create the crypto profile in the VT-NET database using StoreProcedure. This will create a new entry in the crypto_profile table. Read Create a PKI Crypto Profile (RSA and DSA), Create an AES Crypto Profile and Create a GPG Crypto Profileto learn how to create each type of crypto profile.

  6. Reload all configurations with a warm boot.

  7. In Veritran Studio, open the transaction you want to edit in the Transactions Editor. Add a Script action box where you want to add the encryption and decryption actions. Fill the Script action boxes with the corresponding code, as per the following examples: