Hi Gerhard, that seems to be a Luna configuration issue. Or you're making wrong assumptions about the cerificate label.
Are you sure that are the correct names to retrieve the certificates ? Are you sure these certificates are installed on the HSM ? Quick workaround : Read the certificates from a file or install the the GeoTrust certificate in your Reader ( if not already present ). Are you sure these certificates are the issuer / root for your signing certificate ? Greetings Andreas ----- original Nachricht -------- Betreff: [iText-questions] Problem with signing PDF using HSM Luna - certificate chain not showing up Gesendet: Fr, 11. Feb 2011 Von: gerhardschmidt37<[email protected]> > > Hi all, > > Its actually more Luna HSM question, but I'm hoping that some expert can > help me out. > I'm trying to sign pdf with itext+bouncy castle (java 5). Inserted > signature > is always invalid because certificate chain is not showing. Following code > is setting up my certificate chain. > > .... > KeyStore ks = KeyStore.getInstance("Luna"); > ks.load(null, null); > PrivateKey key = (PrivateKey) ks.getKey(hsmKeyLabel, null); > > Certificate[] chain = new Certificate[3]; > > chain[0] = ks.getCertificate(hsmCertLabel); > chain[1] = ks.getCertificate("GeoTrust CA for Adobe"); > chain[2] = ks.getCertificate("Adobe Root CA"); > .... > > After debugging I found out that chain[1] and chain[2] are null. The same > certificate is used by adobe livecycle and it works. I tried to use Luna > specific API using only class LunaKeyStore and method > engineGetCertificateChain, however same result - no chain. > > I would highly appreciate ideas/hints... > > cheers, > Gerhard > -- > View this message in context: > http://itext-general.2136553.n4.nabble.com/Problem-with-signing-PDF-using-HS > M-Luna-certificate-chain-not-showing-up-tp3301256p3301256.html > Sent from the iText - General mailing list archive at Nabble.com. > > ---------------------------------------------------------------------------- > -- > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions > > Many questions posted to this list can (and will) be answered with a > reference to the iText book: http://www.itextpdf.com/book/ > Please check the keywords list before you ask for examples: > http://itextpdf.com/themes/keywords.php > --- original Nachricht Ende ---- ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
