robot
2024.10
true
- Getting started
- Understanding UiPath Robot
- UiPath Assistant
- Installation requirements
- Installing robots for unattended automations
- Configuring robots for unattended automations
- Deploying unattended automations
- Connecting robots for unattended automations to Orchestrator
- Setting up Windows Server for high-density robots
- Redirecting robots through a proxy server
- Implementing authentication
- Adjusting registry settings for execution in minimized RDP windows
- Using network locations
- Setting up Linux robots
- Configuring package signature verification
- Setting up package folders and network paths
- Configuring activity feeds
- Installing robots for attended automations
- Configuring robots for attended automations
- Integrations
- Troubleshooting
Configuring package signature verification
Robot admin guide
Last updated Nov 18, 2024
Configuring package signature verification
Package signature is a tool used by NuGet packages to verify their source as being trustworthy. This verification is done using a certificate that helps confirm the identity of the entity that has issued or created the package.
When you enable the certificate check, UiPath validates whether the packages being used come from an approved author or a permitted repository, enhancing the security of the deployment by ensuring that only reliable packages are used.
Values for the validation mode parameter
signatureValidationMode
decide what kind of packages can be installed.
-
If you use
accept
, you can install both signed and unsigned packages. -
If you use
require
, you can only install a package if the signing details have to match the ones from the<trustedSigners>
section of theNuGet.config
file.
Before Robot version 2021.2, during the installation, the
NuGet.config
file would be automatically populated with certain configurations:
-
signatureValidationMode
, set toaccept
-
UiPath® is listed as a trusted signer
In Robot versions 2021.2 and later, you are encouraged to make a conscious choice, so these settings are not automatically
populated. To continue using the package signature feature, you need to manually edit the
NuGet.config
file and add the signatureValidationMode
parameter, and list UiPath as a trusted source.
Important:
-
If you use the
NuGet.org
feed, add it for bothaccept
andrequire
validation modes, as NuGet announces the whole repository as signed. -
If you do no want to use package signature verification, make sure to remove the
<trustedSigners>
tag from theNuGet.config
file.
You can configure the package signature either during the command line installation, or post-installation, by editing the
NuGet.config
file: