Can I automatically upload a PKCS#12 file into LC Trust Store Management?

Level 2

Hi, does anyone know whether, if I already have some PKCS#12 files, I can automatically upload them to Trust Store Management --> Local Credentials? Is there any service I can use for it?

Thanks

Jack

6 Replies

Employee

Hi Jack,

You cannot programmatically upload p12 files. You can do this only through the LiveCycle adminui.

Thanks,

Santosh

Level 2

Thank you. But if I have thousands of PKCS#12 files, what can I do? Is there any tool I can use for the batch upload?

Employee

Hi Jack,

You can mimic the human behavior; that is, by UI automation you can automatically upload any number of PKCS#12 files.

Usually importing credentials (p12 files) is a one-time activity.

The PKCS#12 file password is required to import the credential programmatically.

Users who own PKCS#12 files will not share the password with a company or administrator to automatically upload their private keys.

The functionality for automatically importing credentials is exposed only to the LiveCycle services, not to end users.

Could you please explain the complete use case for why thousands of p12 files are uploaded using a program? (If it is for migration, LiveCycle automatically handles migration of old credentials to newer versions of LC.)

Thanks,

Santosh

Level 2

Hi Santosh,

I am also interested in this topic since I am doing some server-side digital signatures. Could you let me know which LiveCycle services have the functionality for automatically importing credentials? And can a user invoke it through the Java API or Web Services?

Thanks a ton!

Wayne

Level 2

We are going to build a user registration form that lets the user fill out the form and automatically generates a PKCS#12 file, then uploads it to LC Trust Store Management. Since the password is user-created, like you said, the user will not share the password with us, so we cannot manually import the p12 file to the LiveCycle server.

Could you please let me know which LiveCycle services can handle automatically importing credentials?

Thanks

Jack

Level 2

You can use the adobe-truststore-client.jar packaged in the SDK to do this.

I am sharing a code snippet to use when this is being done using a custom DSC in the LiveCycle container.

CredentialServiceClient cl = new CredentialServiceClient(ServiceClientFactory.createInstance());
cl.importCredential("Cred Alias", new com.adobe.idp.Document(new File("p12 file path"),false), "password", new String[]{"truststore.usage.type.sign"});

If you were importing a credential for reader extension, the last argument would be "truststore.usage.type.lcre".

Here, since this is an in-VM call, the ServiceClientFactory is created with default settings. If you want to do this from a remote VM, you would have to use ServiceClientFactory.createInstance(Properties p), where the properties identify the LiveCycle server installation. You would find this in the LiveCycle documents.

I am, however, not sure if private keys can be dealt with in a batch. This would require the PKCS#12 file password to decrypt the key, and I am not sure how you can integrate the user who owns the key to submit the password in a batch request mechanism. On the other hand, if he is not involved, that implies his password being kept somewhere in clear text for use, which again, as you'll agree, could be a problem.
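
A pre-import check for a batch of PKCS#12 files, added here as an example; it is not code from this thread or from Adobe. It uses only the JDK, prompts for each password at the terminal instead of reading it from a stored list, and wipes it afterwards. The class name `P12BatchPrecheck`, the directory argument and the `*.p12` naming are assumptions.

```java
import java.io.Console;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.DirectoryStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;

public class P12BatchPrecheck {  // hypothetical class name
    /** Returns the alias of the first private-key entry whose certificate is currently valid. */
    static String checkP12(Path p12, char[] password) throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(p12)) {
            ks.load(in, password);  // IOException on a wrong password or a corrupt file
        }
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias) && ks.getCertificate(alias) instanceof X509Certificate) {
                // Throws if the certificate is expired or not yet valid
                ((X509Certificate) ks.getCertificate(alias)).checkValidity();
                return alias;
            }
        }
        throw new GeneralSecurityException("no private-key entry with an X.509 certificate");
    }

    public static void main(String[] args) throws IOException {
        Console console = System.console();
        if (console == null) throw new IllegalStateException("run from an interactive terminal");
        try (DirectoryStream<Path> files = Files.newDirectoryStream(Paths.get(args[0]), "*.p12")) {
            for (Path p12 : files) {
                char[] pw = console.readPassword("Password for %s: ", p12.getFileName());
                if (pw == null) break;  // end of input
                try {
                    String alias = checkP12(p12, pw);
                    // A file that passes would be handed to the importCredential(...) call quoted in the post above.
                    System.out.println("OK   " + p12 + " (key alias: " + alias + ")");
                } catch (IOException | GeneralSecurityException e) {
                    System.out.println("SKIP " + p12 + ": " + e.getMessage());
                } finally {
                    Arrays.fill(pw, '\0');  // do not leave the password in memory
                }
            }
        }
    }
}
```

The `importCredential` call quoted in the thread takes the password as a `String`, so the password still exists as an immutable string for the duration of that call.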