Each mode has the following behavior:
- Low — Any modules that are not signed or are signed with an untrusted or expired certificate will cause warnings but will
still function normally. Errors will occur if a signed module is modified after it was signed and installation of such modules
is not allowed.
- Medium — All modules must be signed by a valid, trusted certificate, but this certificate can be self-signed. Installation
of unsigned or invalidly signed modules is not allowed.
- High — All modules must be signed with a CA signed certificate. An internal CA can be used, but in this case, the CA certificate
must be imported into the user trust store. Installation of modules signed with self-signed certificates is not allowed.
The current default verification mode is Low, but this can be changed if desired. Change the verification mode for a device
by adding the following line to the system.properties file. Where, you would enter only one of the options shown between the square brackets.
niagara.moduleVerificationMode=[low, medium, high]