Please rate how useful you found this document:
Overview
Public Key Infrastructures are required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. [1]
Configuring ProcessMaker to Use a PKI
- ProcessMaker can work with trusted certificate authorities and security providers. There are many certificate authorities in the market, so ProcessMaker may need to be configured differently depending on which cerficate authority you are working with.
- ProcessMaker can generally work in two accepted, but not limited, scenarios depending on the security schema:
- If the certificate authority provides you with a PKI or “token” to encrypt and validate traffic, ProcessMaker can add this PKI to each user profile as an extension of the default information. Please check the following link to see a webinar about how we add a PKI to a user profile. You may also check how to configure ProcessMaker to use SSL/TLS.
- If the certificate authority requires online interaction or another type of special configuration, ProcessMaker will need to check and validate the following requirements:
- The specifications in the certificate authority's documentation about its available API (Application Program Interface) and/or SDK (Software Development Kit).
- The feasibility of integrating with the certificate authority architecture.
- How ProcessMaker will need to adjust its connectors to interact with the certificate authority’s architecture. Please check the following link to see the PM connectors's architecture.
- ProcessMaker has out-of-the-box integration with DocuSign, e-lock, that complies with commercial security standards.
References
- "Public key infrastructure". Wikipedia. December 20th, 2016.