Re: [iText-questions] problem including certificate chain in PDF

[Christophe VG]

Hi Paulo, thanks a lot for wanting to help me on this one.  In attachment you find a signed PDF based on the previously supplied code. regards, Christophe

signed.pdf
Description: Adobe PDF document

On 10 Sep 2010, at 16:30, Paulo Soares wrote: I'm quite sure the chain is being included in the PDF but what I'm not sure is if you don't have a broken chain. Can you post the PDF?   Paulo From: Christophe VG [mailto:contact+it...@christophe.vg] Sent: Friday, September 10, 2010 1:12 PM To: itext-questions@lists.sourceforge.net Subject: [iText-questions] problem including certificate chain in PDF Hi, I'm trying to sign a PDF. We have a qualified certificate issued by QuoVadis. To make sure that Adobe Reader can validate our signature, I'm adding the entire certificate chain.  BUT ... when opening the PDF in Adobe, only our certificate shows up and no other certificates in the chain are show. The result is of course an invalid signature. This is the code snippet in use:      KeyStore ks = KeyStore.getInstance("Luna");      ks.load(null, null);      PrivateKey privateKey = (PrivateKey)ks.getKey("Our Private Key", null);      // we need to assemble the certificate chain by hand because our HSM doesn't support the getCertificateChain method      java.security.cert.Certificate[] chain = new java.security.cert.Certificate[3];      chain[0] = ks.getCertificate("Our Certificate");      chain[1] = ks.getCertificate("QuoVadis EU Qualified Issuing Certification Authority");      chain[2] = ks.getCertificate("QuoVadis Root Certification Authority");      PdfReader reader = new PdfReader("original.pdf");      FileOutputStream fout = new FileOutputStream("signed.pdf");      PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0');      PdfSignatureAppearance sap = stp.getSignatureAppearance();      sap.setCrypto(privateKey, chain, null, PdfSignatureAppearance.WINCER_SIGNED);      sap.setReason("Testing");      sap.setLocation("Here");      stp.close(); I'm using : iText-5.0.4.jar and bcprov-jdk16-145.jar. Hopefully this rings a bell with someone. Thanks a lot in advance, regards, Christophe VG Aviso Legal: Esta mensagem é destinada exclusivamente ao destinatário. Pode conter informação confidencial ou legalmente protegida. A incorrecta transmissão desta mensagem não significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message. ------------------------------------------------------------------------------ Automate Storage Tiering Simply Optimize IT performance and efficiency through flexible, powerful, automated storage tiering capabilities. View this brief to learn how you can reduce costs and improve performance. http://p.sf.net/sfu/dell-sfdev2dev_______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.itextpdf.com/book/ Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/

------------------------------------------------------------------------------
Automate Storage Tiering Simply
Optimize IT performance and efficiency through flexible, powerful, 
automated storage tiering capabilities. View this brief to learn how
you can reduce costs and improve performance. 
http://p.sf.net/sfu/dell-sfdev2dev
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions

Buy the iText book: http://www.itextpdf.com/book/
Check the site with examples before you ask questions: 
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/