Show Table of Contents
5.5. Results
The input file,
audit_list, is a simple text file which gives the full path to the sifgned audit logs to be verified.
cat ~jsmith/auditVerifyDir/audit_list /var/lib/pki-ca/logs/signedAudit/ca_audit.20110211145833
If no modifications have been made to any of the files, then
AuditVerify returns a message that all signatures are valid.
AuditVerify -d ~jsmith/auditVerifyDir -n "Log Signing Certificate" -a ~jsmith/auditVerifyDir/audit_list Verification process complete. Valid signatures: 20 Invalid signatures: 0
If there is a modification to a log file, then the signature is invalidated. In that case,
AuditVerify says that there is an invalid signature and returns the name of the edited log file and the line number of the modification.
AuditVerify -d ~jsmith/auditVerifyDir -n "Log Signing Certificate" -a ~jsmith/auditVerifyDir/audit_list ====== File: /var/lib/pki-ca/logs/signedAudit/ca_audit.20110211145833 ====== Line 52: VERIFICATION FAILED: signature of /var/lib/pki-ca/logs/signedAudit/ca_audit.20101213141439:48 to /var/lib/pki-ca/logs/signedAudit/ca_audit.20101213141439:51 Verification process complete. Valid signatures: 19 Invalid signatures: 1
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.