We are using angular2-signaturepad package for capturing the signature in base64 format and merge within the document and Aspose for converting the Signed Document into PDF. In the Signed PDF document, we need to have the Digital Certificate to ensure any kind of Compliance.
Whether Aspose provides Digital Cerficate for the the signed document which is converted to PDF using Aspose dll?
In the link above, where it has a sample code referring to a PFX file. From where this PFX file is generated? Whether Aspose provides this? If yes, is it legally valid when used for a eSign pdf document generated using Aspose?
Whether the Link I am referring to is for generating a PFX Digital certificate or to how to use an existing Digital certificate issued by a Certified Authority? If it is for generating a Certificate using Aspose, is that certificate equivalent to a Certificate issued by a Certified authority? Or whether the Aspose Digital certificate is validated/verified by a Certified Authority?
Would you like to preserve digital signature after processing/converting document using Aspose.Words? If so, it is impossible because If process the signed document and have the same digital signature attached automatically – this will invalidate the whole purpose of digital signatures. The thing is that the original author has not signed the resulting document. You basically cannot transfer a digital signature from one document to another.
A Personal Information Exchange (.pfx) Files, is password protected file certificate commonly used for code signing your application. You can generate such fine using the following code for example:
/// <summary>
/// Creates a pfx certificate with the specified password and saves to the specified file.
/// </summary>
public static void GeterateTestCertificate(string password, string certFileName)
{
using (var rsa = new RSACryptoServiceProvider(2048))
{
var certificateRequest = new CertificateRequest(
"CN=myCer",
rsa,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1);
var certificate = certificateRequest.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(1));
byte[] pfxBytes = certificate.Export(X509ContentType.Pfx, password);
File.WriteAllBytes(certFileName, pfxBytes);
}
}
There are other types of certificate formats such as .pem, .cert, .crt and some of them can even be converted to a .pfx and used for code signing.
Thank you for the update. My requirement is to have the Digital Certificate in the Signed PDF document. It will not be present before converting, but attach directly into the Signed Document and to be part of it after converting. The Certificate will contain information related to the person who signed the document.
That being said, thank you for the code to generate pfx file, which can be later used for attaching it to a Signed PDF Document. However, my question is if this pfx file is Legally valid? Or should that be Validated or certified by any Certificate Authority Companies?
@sanath If you attach PDF document produced by Aspose.Words to already signed document, it will invalidate the signature. So the it will be required to sign the final document again.
This question is not related to Aspose.Words. Aspose.Words provides a method to sign the document using the provided certificate. Its validation and generation is out of Aspose.Words scope.
