User guide
6-19
Miscellaneous
in a trusted communication and compare this with the certificate deliv-
ered with the signed files.
To validate a certificate chain the complete certificate chain has to be
available to you. Nevertheless, although you need the certificate chain
to verify the origin of a leaf or intermediate certificate, only its root cer-
tificate has to be verified via a secure communication because the chain
leads to it (see also section “What’s a Certificate Chain” on page 6-16).
6.6.7 The Keys and Certificates Delivered with CLIPSTER
In the delivery of the DCI Mastering feature you can find on the en-
closed CD-ROM and/or in the installation directory of the DVS soft-
ware the following keys and certificates:
Test Keys
You may use the following files for testing purposes only. They should
not be used to create a DCP for distribution:
File: TestSigningCertificateLeafSHA*.pfx
Path: DVS\CLIPSTER\Signature Store\DVS Test\
Explanation: For testing only: Private Signing Key for testing. With
it you can sign the extra files of a DCP. Contains the
complete chain of test certificates. Use SHA-1 for
SMPTE Phase 0 compliant DCPs, and SHA-256 for
SMPTE Phase 1 and 2.
Password: DVS
File: TestSigningCertificateLeaf.pem
Path: DVS\CLIPSTER\Certificate Store\DVS
Test\
Explanation: For testing only: Test certificate. The public-key certif-
icate of the private Signing Key for testing. With this
file and the certificate chain the DCP can be validated.