Hi,
We would liek to use a certificate in the certificate store in order to sign a PDF.
Actually we are using an ExternalSignature created with an X509Certificate2 by opening our certificate in our store.

We are facing a problem with the signed PDF because it does not contain the certificate chain and then Adobe PDF does not show the signature as valid.

Using the same certificate but from a .pfx file instead of loading the certificate from the store, everything is ok.

Can you help?

Regards,
Alex

@sigma

Would you please provide following information so that we can further proceed to assist you accordingly:

• Sample code snippet to replicate the issue
• Sample source and output PDF documents and other files
• Screenshots of the issue in Adobe Reader

Hi,
I attached a sample, where you can see the following:
a.pdf is my source PDF to be signed.

WorkingCode.txt is the code for signing using a certificate exported file.
Working.pdf is the sample signed with this code
WorkingSignatureCapture.png shows you the valid signature as you can see the certificate chain is attached to the PDF.

NonWorkingCode.txt is the code for signing from a certificate in the store (note that we used the same exact certificate)
NonWorking.pdf is the sample signed with this code
NonWorkingSignatureCapture.png shows the invalid signature. note that the certificate chain is not present in this PDF.

Make sure you open the PDF on a machine where the signing certificate is not installed because if it is installed on the machine both signed PDF will appear as valid because this computer is trusting the certificate by having it in its store.

Sample.zip (546.5 KB)

@sigma

We were able to notice the issue that you have mentioned. It needs to be further investigated to determine the possibilities of whether your requirements are achievable or not. We have logged an investigation ticket as PDFNET-47938 in our issue tracking system for the purpose. We will look into its details and keep you posted with the status of its resolution. Please be patient and spare us some time.

We are sorry for the inconvenience.

Hi,
Is it possible to have an update on this ticket?
Regards,
Alex

@sigma

The ticket which was logged earlier is still pending for analysis. Please note that it was logged under free/normal support model and has low priority. It will be investigated and resolved on a first come first serve basis. However, we will surely inform you as soon as we have some certain news about its resolution. Please spare us some time.

We are sorry for the inconvenience.

Thank you.
What would be the ETA under paid support and how much this could cost? This feature is important to us.
Regards

@sigma

Once the issue is escalated to paid support, its investigation would be expedited. Please also note that paid support does not guarantee any immediate solution but the investigation process becomes faster. Once the investigation of the issue is completed, you will surely be able to get a reliable ETA. Regarding cost and other sale inquiries, we request you to please create a post in our Purchase forum where you will be assisted accordingly.

Any news on PDFNET-47938 ?

@sigma

Regretfully, the ticket is not yet completely investigated and resolved. As soon as its analysis is complete, we will be in position to share additional updates with you. We highly appreciate your patience and comprehension in this matter.

We apologize for the inconvenience.

Any news on that topic?

@sigma

We really regret to inform you that earlier logged ticket is not yet resolved. We have recorded your concerns along with the ticket and will surely update you once we have some news about its resolution or fix ETA. Please give us some time.

We apologize for the delay and the inconvenience.

@sigma

We have investigated the earlier logged ticket. Please note that the Parent/root certificates must also be installed in order to get correct results. Please check example on the below image:

image_2021_10_05T14_40_45_082Z.jpg (155.0 KB)

The issues you have found earlier (filed as PDFNET-47938) have been fixed in Aspose.PDF for .NET 21.10.