Digital message signing in Pega Predictive Diagnostic Cloud

Digital message signing is an optional security feature that adds an encrypted signature to every message that your system sends to Pega Predictive Diagnostic Cloud™ (PDC). Digital message signing ensures that PDC processes only messages sent by your system, and it protects the integrity of the data that PDC receives.

To enable or disable digital message signing in PDC, follow the instructions in Enabling or disabling digital message signing in PDC.

If you experience issues with digital message signing in PDC, follow the instructions in Diagnosing issues in the digital message signing feature in Pega Predictive Diagnostic Cloud.

Digital message signing in PDC is based on asymmetric encryption in the Digital Signature Algorithm (DSA) standard, which uses a cryptographic key pair. Your system generates both keys of the DSA key pair together, sends the public key to PDC, and stores the private key in a protected keystore format. Your private key is unique to your system.

The following figure shows the generation and distribution of the DSA key pair:

Figure: DSA key pair generation. Your system generates the DSA key pair and sends the public key to PDC.

When you enable digital message signing, your system uses the private key to generate encrypted digital signatures for messages that it sends to PDC. The system generates a different signature for each message and adds the signature to the message header. PDC then uses the corresponding public key to decrypt the signature. If the signature is missing or PDC is unable to decrypt it, PDC rejects the message.
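The signing and rejection flow described above, shown as an added example that is not Pega's code and not part of the original page. It uses the Java standard library's DSA support; the header name `X-Example-Signature`, the class name, the `SHA256withDSA` algorithm choice, and the sample message are assumptions, because the page does not specify PDC's wire format.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class SignedMessageDemo {
    // Hypothetical header name; the page does not name the real one.
    static final String SIG_HEADER = "X-Example-Signature";

    // Sender side: sign the body with the private key and carry the signature in a header.
    // DSA signing is randomized, so each call yields a different signature.
    static Map<String, String> signHeaders(PrivateKey key, byte[] body) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withDSA");
        signer.initSign(key);
        signer.update(body);
        Map<String, String> headers = new HashMap<>();
        headers.put(SIG_HEADER, Base64.getEncoder().encodeToString(signer.sign()));
        return headers;
    }

    // Receiver side: reject when the signature is missing, malformed, or does not match.
    static boolean accept(PublicKey key, Map<String, String> headers, byte[] body) {
        String encoded = headers.get(SIG_HEADER);
        if (encoded == null) return false; // unsigned message
        try {
            Signature verifier = Signature.getInstance("SHA256withDSA");
            verifier.initVerify(key);
            verifier.update(body);
            return verifier.verify(Base64.getDecoder().decode(encoded));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // undecodable header or malformed signature bytes
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair(); // only the public half is shared with the receiver

        // Constructed sample message and a modified copy of it.
        byte[] body = "{\"alert\":\"constructed sample\"}".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "{\"alert\":\"constructed sampl3\"}".getBytes(StandardCharsets.UTF_8);
        Map<String, String> headers = signHeaders(pair.getPrivate(), body);

        System.out.println("valid:     " + accept(pair.getPublic(), headers, body));
        System.out.println("tampered:  " + accept(pair.getPublic(), headers, tampered));
        System.out.println("unsigned:  " + accept(pair.getPublic(), new HashMap<>(), body));
        System.out.println("other key: " + accept(gen.generateKeyPair().getPublic(), headers, body));
    }
}
```

Only the first check is accepted: a modified body, a missing header, and a signature made with a different key pair all fail verification.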

PDC stores messages that have an incorrect or missing signature for up to seven days for diagnostic purposes. After seven days, PDC deletes the incorrect messages.

You can view the status of digital message signing and how many messages PDC rejected under the Gears icon in the PDC header.

Procedure in case of private key exposure

To ensure security in case your private key was exposed, you need to replace the key pair. If you suspect that your private key was exposed, contact Pega Support.
