Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

How sign with date of a server

Avatar

Level 2

Hi guys,

Sorry for my english.

I want sign and later if I see the properties the date of a sign has a date of a server ( for make a sign more "robust" ).

Thanks in advance.

ZAMPAZAMPA.

1 Accepted Solution

Avatar

Correct answer by
Employee

Okay, if you trust the root certificate of signing authority of timestamp server then things should work fine.

If you are doing it for government organization or a large enterprise then it is not feasible to tell all recipients to trust the root explicitly, so for those use cases it is best to go for an signing authority from AATL http://helpx.adobe.com/acrobat/kb/approved-trust-list2.html to issue credential for signing.

and there is no need for end users to trust any certificate separately as these certificates are already in the trust list of Adobe Reader.

HTH

--Santosh

http://about.me/nskumar

View solution in original post

5 Replies

Avatar

Employee

not sure if I fully understood your requirement but I'm assuming that you want to avoid users changing their system time (by changing it to some time in past or in future).

If yes, You can obtain credentials from an Certificate Authority who also embeds their timestamping server and whenever user applies a digital signature the time of timestamp server is used rather than the users' system time.

Time stamp server acts as a digital notary service

HTH

--Santosh

http://about.me/nskumar

Avatar

Level 2

Yes its this!! I have the url of a server that returns the date and I write this URL in Signature Settings - Signature Info - Time Stamp Server URL and I activate check of "Require the signing party to user hte specified time stamp server". Is it way ok? i haven't luck..

ZAMPAZAMPA.

Avatar

Employee

What is the error/issue that you are getting with your approach?

which timestamp server are you using and how you are configuring it with your form?

If you are creating your form using Adobe LiveCycle Designer - then select the signature field , Go to Object palette , Signature tab - Click settings button

Specify timestamp server URL in signature info option.

and that's all everything else will be taken care by Adobe Reader during signing.

--Santosh

Avatar

Level 2

Hi Santosh,

The "the problem" is that if I see the properties of this sing i see "Signature is timestamped but hte timestamp could not be verified" but i read for this and its normal because I haven't the certified of this "server timeStamp", finaly it's all ok, Thanks for your help Santosh.

Avatar

Correct answer by
Employee

Okay, if you trust the root certificate of signing authority of timestamp server then things should work fine.

If you are doing it for government organization or a large enterprise then it is not feasible to tell all recipients to trust the root explicitly, so for those use cases it is best to go for an signing authority from AATL http://helpx.adobe.com/acrobat/kb/approved-trust-list2.html to issue credential for signing.

and there is no need for end users to trust any certificate separately as these certificates are already in the trust list of Adobe Reader.

HTH

--Santosh

http://about.me/nskumar