Regarding the green check mark: unless you can ask the consumers of your PDFs to add the root certificate of your certificate to the list of trusted identities, you'll always need a public/private key stored on hardware to get a green check mark. For now, we make checking the key-usage the responsibility for the developer, but in a perfect world, you should only sign with certificates suited for non-repudiation, and your SSL certificate probably doesn't allow this. Regarding signing with your SSL certificate: in a future iText version, we make require that the key-usage of the certificate indicates that the certificate can be used for non-repudiation. Hoping someone can help me see the forest from the trees. with limited functionality other than enabling digital signing)? Is hardware (of some sort) a requirement (seems so)? If hardware is a requirement, are there any minimal solutions out there (e.g. Ideally someone would sell a certificate similar to the SSL certificates, but for PDF files. But small businesses need to automate things too. The solutions I see for automating this process assume large corporations using Adobe Live Cycle, and priced accordingly (see for example: ). I'm just trying to tap into existing knowledge out there. I'm sure a lot of small businesses have similar needs. I'm looking for a minimal solution for serving automated digitally signed PDFs on a Linux box. Has anyone got iKey working with Linux? Is it even possible? Do other companies offer USB based devices that work on Linux? Also, the USB-based SafeNet iKey device seems only to be marketed to Windows devices. The Luna PCIe device is less expensive, but I don't require any features other than providing a certificate I can use to sign. I only require a minimal solution, and the Luna has a lot of bells and whistles. The book talks about a SafeNet Luna device (an HSM), but's it is much too expensive. The book does a great job introducing this topic to me (I have very little experience in this area). not my SSL certificate), so that the little green checkmarks indicating "trust" appear naturally when the user opens the PDF document. If not, I should use a certificate intended for PDFs (e.g. server)? Can it be used somehow to get the green checkmarks showing "trust" in Adobe Reader? Is this a valid method to prove the PDF was generated by my domain (e.g. I've got iText adding a digital signature to PDFs using my SSL certificate. I have a low volume (<500 PDFs/year) application for automated digital-signing of PDF files using iText in Java on Linux.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |