We are logging data in Json format as mentioned in documents shared by DGCA.
Now the place where I need some clarity is how the signing of log files should happen, can we just sign the data with Private Key generated by OpenSSL and self signed certificate and share the public key and signature with the log file?
In document it’s written that the log files should be bundled, so should we just zip all log files?
It’s all written that the bundled file should again be signed, that doesn’t make any sense. If individual log files are signed why we need to again sign the bundled log file.
Is their any other thing that we need to consider while writing, bundling & signing log files.