On 17.03.2023 15:58, Constantine Dokolas wrote:
Hello everyone.
I'm trying to validate a PDF that involves the AATL (Adobe Approved Trust
List). Acrobat says "Source of trust obtained from Adobe Approved Trust
List (AATL)". I'm using the Apache CXF 2.4.9 example validation code. This
is the first time it could not verify the signature, throwing a "No root
certificate in the chain".
Can you share the PDF? ShowSignature tries to retrieve missing issuer
certificates from URLs in the certificates. The related code is based on
an older Apache CXF version (because they seemed to have discontinued
that part) which I later improved.
I can see the comment in SigUtils mentioning that trusted lists are not
being taken into account and mentioning PDFBOX-3017.
As a note, I've managed to figure out how to retrieve the AATL/EUTL
certificates.
I'd be interested in getting AATL certificates. I do have some code that
takes EUTL certificates, but the weird thing is that not all of them are
root certificates.
Tilman
Any suggestions?
Constantine
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
