I'm quite sure the chain is being included in the PDF but what I'm not sure is
if you don't have a broken chain. Can you post the PDF?
Paulo
________________________________
From: Christophe VG [mailto:[email protected]]
Sent: Friday, September 10, 2010 1:12 PM
To: [email protected]
Subject: [iText-questions] problem including certificate chain in PDF
Hi,
I'm trying to sign a PDF. We have a qualified certificate issued by QuoVadis.
To make sure that Adobe Reader can validate our signature, I'm adding the
entire certificate chain.
BUT ... when opening the PDF in Adobe, only our certificate shows up and no
other certificates in the chain are show. The result is of course an invalid
signature.
This is the code snippet in use:
KeyStore ks = KeyStore.getInstance("Luna");
ks.load(null, null);
PrivateKey privateKey = (PrivateKey)ks.getKey("Our Private Key", null);
// we need to assemble the certificate chain by hand because our HSM
doesn't support the getCertificateChain method
java.security.cert.Certificate[] chain = new
java.security.cert.Certificate[3];
chain[0] = ks.getCertificate("Our Certificate");
chain[1] = ks.getCertificate("QuoVadis EU Qualified Issuing Certification
Authority");
chain[2] = ks.getCertificate("QuoVadis Root Certification Authority");
PdfReader reader = new PdfReader("original.pdf");
FileOutputStream fout = new FileOutputStream("signed.pdf");
PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0');
PdfSignatureAppearance sap = stp.getSignatureAppearance();
sap.setCrypto(privateKey, chain, null,
PdfSignatureAppearance.WINCER_SIGNED);
sap.setReason("Testing");
sap.setLocation("Here");
stp.close();
I'm using : iText-5.0.4.jar and bcprov-jdk16-145.jar.
Hopefully this rings a bell with someone.
Thanks a lot in advance,
regards,
Christophe VG
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------
Automate Storage Tiering Simply
Optimize IT performance and efficiency through flexible, powerful,
automated storage tiering capabilities. View this brief to learn how
you can reduce costs and improve performance.
http://p.sf.net/sfu/dell-sfdev2dev
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.itextpdf.com/book/
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
