UNIX/Linux 인증서 서명 확인 작업

Microsoft.Unix.Check.Certificate.Signature (Task)

이 작업은 에이전트의 서명된 인증서의 서명 알고리즘을 보여줍니다. 이는 업데이트를 필요로 하는 SHA1 인증서를 식별하는 데 도움을 줄 수 있습니다.

Element properties:

Target	Microsoft.Unix.Computer
Accessibility	Internal
Category	Custom
Enabled	True
Remotable	False
Timeout	12000

Member Modules:

ID	Module Type	TypeId	RunAs
PA	ProbeAction	Microsoft.Unix.WSMan.Invoke.VarPriv.ProbeAction	Default

Source Code:

<Task ID="Microsoft.Unix.Check.Certificate.Signature" Accessibility="Internal" Enabled="true" Target="Microsoft.Unix.Computer" Timeout="12000" Remotable="true">

  <Category>Custom</Category>

  <ProbeAction ID="PA" TypeID="Microsoft.Unix.WSMan.Invoke.VarPriv.ProbeAction">

    <TargetSystem>$Target/Property[Type="Microsoft.Unix.Computer"]/NetworkName$</TargetSystem>

    <UserName>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/UserName$</UserName>

    <Password>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/Password$</Password>

    <Uri>http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem?__cimnamespace=root/scx</Uri>

    <Selector/>

    <InvokeAction>ExecuteShellCommand</InvokeAction>

    <Input>&lt;p:ExecuteShellCommand_INPUT xmlns:p="http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem"&gt;&lt;p:command&gt;openssl x509 -noout -text -in /etc/opt/microsoft/scx/ssl/scx.pem | grep 'Signature Algorithm'&lt;/p:command&gt;&lt;p:timeout&gt;120&lt;/p:timeout&gt;&lt;/p:ExecuteShellCommand_INPUT&gt;</Input>

    <TimeOutInMS>12000</TimeOutInMS>

  </ProbeAction>

</Task>