Hello,
We have an issue with digitally signed PDF files, Adobe reader mark signatures as invalid.
We are using a trusted certificate signed from CA from adobe AATL (our cert => itermediate cert => root cert AATL).
Reason: Certificate chain is not included in the signature => Adobe reader cannot build a trusted path to certificate.
Library
com.aspose.aspose-pdf 21.12
Code snippet:
import com.aspose.pdf.PKCS7;
import com.aspose.pdf.facades.PdfFileSignature;
import java.awt.*;
import java.io.FileInputStream;
class Scratch {
public static void main(String[] args) throws Exception {
String pdfPath = "input.pdf";
String pfxPath = "aspose.pfx";
String pdfPassword = "";
String imagePath = "signature.png";
String pdfOutput = "out.pdf";
String asposeLic = "Aspose.Total.Product.Family.lic";
com.aspose.pdf.License pdfLicense = new com.aspose.pdf.License();
pdfLicense.setLicense(asposeLic);
PdfFileSignature pdfSignSingle = new PdfFileSignature();
pdfSignSingle.bindPdf(pdfPath, pdfPassword);
PKCS7 pkcs = new PKCS7(new FileInputStream(pfxPath), "");
pdfSignSingle.sign(1, "reason", "test@example.com", pkcs.getLocation(), true, new Rectangle(100, 100, 100, 100), pkcs);
pdfSignSingle.setSignatureAppearanceStream(new FileInputStream(imagePath));
pdfSignSingle.save(pdfOutput);
}
}
Needed files: PFX / PDF input / signature image files.zip (174.2 KB)
Output: out.pdf (242.7 KB)
Please let us know how we could include intermediate certificates in signed documents.
Thanks in advance!