Re: [iText-questions] problem including certificate chain in PDF

Fri, 10 Sep 2010 07:42:35 -0700 

Hi Christophe,

the chains looks good to me. But maybe the Reader complains about an untrusted 
root rather than a missing part of the chain ...

Could you post an example ? Would like to take a inside ..

Greetings

Andreas

----- original Nachricht --------

Betreff: [iText-questions] problem including certificate chain in PDF
Gesendet: Fr, 10. Sep 2010
Von: Christophe VG

Hi,
I'm trying to sign a PDF. We have a qualified certificate issued by QuoVadis. 
To make sure that Adobe Reader can validate our signature, I'm adding the 
entire certificate chain. 
BUT ... when opening the PDF in Adobe, only our certificate shows up and no 
other certificates in the chain are show. The result is of course an invalid 
signature.
This is the code snippet in use:
     KeyStore ks = KeyStore.getInstance("Luna");     ks.load(null, null);     
PrivateKey privateKey = (PrivateKey)ks.getKey("Our Private Key", null);
     // we need to assemble the certificate chain by hand because our HSM 
doesn't support the getCertificateChain method     
java.security.cert.Certificate[] chain = new java.security.cert.Certificate[3]; 
    chain[0] = ks.getCertificate("Our Certificate");     chain[1] = 
ks.getCertificate("QuoVadis EU Qualified Issuing Certification Authority");     
chain[2] = ks.getCertificate("QuoVadis Root Certification Authority");
     PdfReader reader = new PdfReader("original.pdf");     FileOutputStream 
fout = new FileOutputStream("signed.pdf");     PdfStamper stp = 
PdfStamper.createSignature(reader, fout, '');     PdfSignatureAppearance sap = 
stp.getSignatureAppearance();     sap.setCrypto(privateKey, chain, null, 
PdfSignatureAppearance.WINCER_SIGNED);     sap.setReason("Testing");     
sap.setLocation("Here");     stp.close();
I'm using : iText-5.0.4.jar and bcprov-jdk16-145.jar.
Hopefully this rings a bell with someone.
Thanks a lot in advance,regards,Christophe VG


--- original Nachricht Ende ----

------------------------------------------------------------------------------
Automate Storage Tiering Simply
Optimize IT performance and efficiency through flexible, powerful, 
automated storage tiering capabilities. View this brief to learn how
you can reduce costs and improve performance. 
http://p.sf.net/sfu/dell-sfdev2dev
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions

Buy the iText book: http://www.itextpdf.com/book/
Check the site with examples before you ask questions: 
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/

Reply via email to