[en] Security
[en] The Veritran platform allows you to add a layer of security to transactions by encrypting their content.
[en] To simplify the use of cryptographic operations, the cryptographic engine works with crypto profiles, which contain parameters like keys, padding, sizes, and more. The system loads the crypto profile configurations on start up or warm boot and operates with the configurations called from a crypto profile code.
[en] Read the section below for details on how to implement PKI, AES or GPG cryptography in your app. Refer to OpenSSL Commands or GPG Commands for a list of command examples.
[en] Implement Cryptography (PKI, AES or GPG)
[en] From your OS’s terminal, copy the key files to the server. Their location might be the standard
/veritran/certs/
path. As an alternative, a user-defined path is allowed.[en] Open Middleware and create a certificate entry that references the key files you copied.
[en] Fill in the New Certificate modal fields as indicated below:
[en] Code
[en] Type the 4-digit certificate code. Keep this code at hand for step 5, since you will create a crypto profile code that must match this certificate code.
[en] Product
[en] If you’re configuring a crypto profile for a specific product, select the product from the drop-down menu.
[en] Type
[en] If it is for Sign, select CodeSign, if not, leave the field empty.
[en] Install Date
[en] Select the date of inserted record.
[en] Description
[en] Write a brief description of the crypto profile.
[en] Purpose
[en] Define the purpose of the certificate.
[en] KeyStorePSW
[en] Type the password for the keystore file copied in step 1 of this procedure.
[en] Alias Name
[en] Enter an alias for the keystore file.
[en] Alias PSW
[en] Enter the alias password.
[en] Path
[en] Type the absolute path to the pkcs12 keystore or the X509 certificate in PEM format. This path should match the path copied in step 1 of this procedure.
[en] Valid From
[en] Leave this field blank.
[en] Valid Until
[en] Leave this field blank.
[en] Save and restart VT NET processes.
[en] In the SQL editor, create the crypto profile in the VT-NET database using
StoreProcedure
. This will create a new entry in thecrypto_profile
table. Read [en] Create a PKI Crypto Profile (RSA and DSA), [en] Create an AES Crypto Profile and [en] Create a GPG Crypto Profileto learn how to create each type of crypto profile.[en] Reload all configurations with a warm boot.
[en] In Veritran Studio, open the transaction you want to edit in the Transactions Editor. Add a Script action box where you want to add the encryption and decryption actions. Fill the Script action boxes with the corresponding code, as per the following examples: