Sign the JDBC data source records in the protected instance

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 2 minutes de lecture

    • Use update sets to sign and validate the JDBC data sources by enabling the code signing in protected and trusted instances.

    • Establish Circle of Trust between the protected and trusted instances.
    • Role required: security_admin
    Remarque :
    • MID Server doesn't handle the file data sources and hence, these data sources are not code signed.
    • LDAP data sources can't be code signed.

    Sign existing data sources of the JDBC type

    Use update sets to bring mass signing jobs to the protected instance.

    Avant de commencer

    Role required: security_admin

    Procédure

    1. In the trusted instance, configure the KMF signing job to sign the data sources.
      1. Navigate to System Security > Security Jobs > All.
      2. Click New.
      3. On the form, fill these values.
        Field Description
        Name Name to identify the record.
        Type Type of the encryption job. Select Mass Sign Records.
        Table Table from which the records should be signed. Select Data Source.
      4. Click Export Code Signing job to production.
        A confirmation message is displayed that the update set is signed.
      5. Export the generated update set to an XML file.
    2. In the protected instance, import and commit the update set to retrieve the mass signed jobs from trusted instance.
      1. Navigate to System Security > Security Jobs > All.
      2. Open the update set exported from the trusted instance.
      3. Click Start.
        A confirmation message is displayed that the records are signed.

    Sign new data sources of the JDBC type

    Use update sets to bring the signed update set to the protected instance.

    Avant de commencer

    Role required: sn_kmf.cryptographic_manager

    Procédure

    1. In the trusted instance, start an update set.
      Start an update set.
    2. In the trusted instance, create the required data sources.
      Create a JDBC source.
      The data sources are added to the update set.
    3. In the trusted instance, change the state of the update set to Complete and click Update.
      Mark the update set as Complete.
    4. In the trusted instance, sign the update set by creating an encryption job.
      1. Navigate to System Security > Security Jobs > All.
      2. Click New.
      3. On the form, fill these values.
        Field Description
        Name Name to identify the record.
        Type Type of the encryption job. Select Sign Update Set.
        Table Update set from which the records should be signed.
      4. Click Submit.
      5. Click Start to sign the update set.
        Signed update set.
        • Summary is updated that the records are signed.
        • The update set is updated and includes the signature.
    5. In the trusted instance, open the signed update set record and export it to an XML.
    6. In the protected instance, import the signed update set.
      1. Navigate to System Update Sets > Retrieved Update Sets.
      2. Click the Import Update Set from XML related link to import the update set that is exported from the trusted instance.
        For more information, see Import and commit the quick-start update set.
        The update set is committed successfully.