Well, that makes sense. Probably just needed to ask to clarify this for myself. thanks a lot :)
So, if I want to keep the workflow I would have to add the PrivateKeys for any Certificate that I want to use for signing to my KeyStore? Ben Paulo Soares wrote: > If the private key is not related to the certificate how do you expect > Acrobat to validate it? The certificate must contain the public key that > matches the private key used to sign. > > Paulo > > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On >> Behalf Of Benjamin Schüttler >> Sent: Tuesday, April 17, 2007 11:36 AM >> To: Post all your questions about iText here >> Subject: Re: [iText-questions] Security: Certificate valid >> butSignature invalid >> >> Thanks for the quick reply. >> >> The Source for the Certificate is a HTTPS Request that provides a >> X509Certificate chain attribute. >> As there are possibly lots of different User-Certificates from those >> requests, I only generated a random PrivateKey for my >> Keystore to match >> the setCrypto() Attributes. >> So the provided PrivateKey is not related to the Certificate at all. >> >> I wasn't quite sure what to do with hat key, as it appeared to work >> correctly first, even without any matching PrivateKey. >> >> So, whatelse could be of use? >> >> Any other hints for what I could do to ensure a signing process to >> become valid? >> >> Ben >> >> Paulo Soares wrote: >> >>> Works for me. No idea what the problem is, if any. As >>> >> usual, provide everything needed to reproduce the problem. >> >>> Paulo >>> >>> >>> >>>> -----Original Message----- >>>> From: [EMAIL PROTECTED] >>>> [mailto:[EMAIL PROTECTED] On >>>> Behalf Of Benjamin Schüttler >>>> Sent: Tuesday, April 17, 2007 10:03 AM >>>> To: [email protected] >>>> Subject: [iText-questions] Security: Certificate valid but >>>> Signature invalid >>>> >>>> Hello, >>>> >>>> I could need a little help for a problem concearning Signatures. >>>> Within a web application I need to sign PDFs. Currently >>>> >> I'm using the >> >>>> PdfStamper like this: >>>> >>>> X509Certificate[] = requestBean.getCertificates(); >>>> PrivateKey pk = requestBean.getPrivateKey(); >>>> PdfReader dReader = new PdfReader(source); >>>> dOut = new FileOutputStream(target); >>>> PdfStamper dStamp = PdfStamper.createSignature(dReader, >>>> >> dOut, '\0', >> >>>> null, true); >>>> PdfSignatureAppearance dSap = dStamp.getSignatureAppearance(); >>>> dSap.setCrypto(pk, certs, null, >>>> >> PdfSignatureAppearance.WINCER_SIGNED); >> >>>> dStamp.close(); >>>> >>>> Well, this works fine, except that AcrobatReader tells me that the >>>> Signature is invalid. >>>> The Certificate is recognized as valid, but the whole Signature is >>>> invalid as the file is "altered" ... >>>> The question is, for what reasons could that file be >>>> >> altered and what >> >>>> can I do to generate a valid signed pdf? >>>> I don't even touch the "target" file after applying the signature. >>>> >>>> Thanks in advance, >>>> >>>> Ben >>>> >>>> ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://itext.ugent.be/itext-in-action/
