Last week, I was tinkering with iText code in the repo and came up with a
solution to enable LTV.There was two problems in this case:
The HSM I'm using doesn't have the complete certificate chain, just the
signing certificate. Fixed by "manually" building the chain from a keystore
where the needed certificates are available.
In order to include the CRL responses for the whole certificate chain, it
was necessary to get many CrlClients, not just one, as the addVerification
method supposes. So, I overloaded the addVerification method in the
LtvVerification class to use a Collection.
With these two changes (one in our code base, one in iText), LTV appears to
be enabled in Adobe Reader.Is it possible for someone to review the changes
I made to iText in case someone else can benefit from them? I just added the
aforementioned method.
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/LTV-signature-in-a-single-revision-tp4657550p4657603.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
