Signing pdf with a certificate in a certificate store

MiguelRE · February 24, 2017, 3:59am

Hello.

I am new with the digital signature and I am not clear.

How can I sign a PDF with Aspose with an X509Certificate2 from the store?

I’ve got it with certificates that have the exportable private key, but it’s impossible for me to sign a PDF if the certificate is non-exportable.

//Note: objCert is a X509Certificate2 read from a certificate store.

Aspose.Pdf.Document document = new Aspose.Pdf.Document(“c:/pdftest/document.pdf”);

PdfFileSignature signature = new PdfFileSignature(document);

byte[] pkcs10 = objCert.Export(X509ContentType.Pfx, “testkey”);

MemoryStream memStream = new MemoryStream();

BinaryWriter binWriter = new BinaryWriter(memStream);

binWriter.Write(pkcs10);

memStream.Position = 0;

PKCS7 pkcs = new PKCS7(memStream, “testkey”);

pkcs.Reason = “Reason”;

pkcs.ContactInfo = “ContactInfo”;

pkcs.Location = “Location”;

pkcs.Date = DateTime.Now;

pkcs.ShowProperties = true;

System.Drawing.Rectangle rect = new System.Drawing.Rectangle(50, 50, 100, 80);

signature.Sign(1, true, rect, pkcs);

signature.Save(“c:/pdftest/document2.pdf”);

…

It only works if the certificate has an exportable private key

How to create a PKCS7 from an X509Certificate2?

Thanks for your time.

tilal.ahmad · February 26, 2017, 8:07pm

Hi Miguel,

Thanks for your inquriy. I am afraid we have already noticed the problem with signing PDF document using certificate with non-exportable private key and logged a ticket PDFNET-37412 in our issue tracking system for rectification. We have linked your post to the issue id and will notify you as soon as it is resolved.

We are sorry for the inconvenience.

Best Regards,

MiguelRE · February 27, 2017, 1:44am

Thank you very much for your time.

aspose.notifier · July 5, 2019, 9:19pm

The issues you have found earlier (filed as PDFNET-37412) have been fixed in Aspose.PDF for .NET 19.7.