I used JDK1.5 keytool to generated a PKCS #12( default is Version 1):
keytool -genkey -validity 36000 -keysize 1024 -alias jyang -keyalg RSA -keystore c:\abc.pfx -storetype pkcs12 -storepass 123456 -keypass 123456 -dname "C=US, EMAILADDRESS=jsmith@blcpro.com, OU=R and D, O=BLC, CN=John Smith"
Then upload the abc.pfx file to the LiveCycle Server side : Trust Store Management--Local Credentials, the alias name is JYANG.
After that, I try to use this PKCS12 file to sign the PDF file:
public static void main(String[] args) {
try {
// This example will upload an XDP file to the LiveCycle Repository
ServiceClientFactory myFactory = ServiceClientFactory.createInstance(LCCommonUtil.getConnectionProps());
// Create a SignatureServiceClient object
SignatureServiceClient signClient = new SignatureServiceClient(myFactory);
// Specify a PDF document to sign
FileInputStream fileInputStream = new FileInputStream(
"C:\\Applications\\pdfForms\\TestDigitalSign\\ConferenceReg_flatten_sf_added.pdf");
Document credDoc = new Document(fileInputStream);
// Specify the name of the signature field
String fieldName = "SignatureField1";
//
// Create a Credential object
//
Credential myCred = Credential.getInstance("JYANG"); // LC Server: Local Credentials
System.out.println("******"+myCred.getSpiName());
// Specify the reason to sign the document
String reason = "The document was reviewed";
// Specify the location of the signer
String location = "New York HQ";
// Specify contact information
String contactInfo = "Tony Blue";
// Create a PDFSignatureAppearanceOptions object and show date information
PDFSignatureAppearanceOptionSpec appear = new PDFSignatureAppearanceOptionSpec();
appear.setShowDate(true);
appear.setShowReason(true);
// Set revocation checking to false
java.lang.Boolean revCheck = new Boolean(false);
// Create objects to pass to the sign method
OCSPOptionSpec ocspSpec = new OCSPOptionSpec();
CRLOptionSpec crlSpec = new CRLOptionSpec();
TSPOptionSpec tspSpec = new TSPOptionSpec();
// Sign the PDF document
Document signedDoc = signClient.sign(
credDoc,
fieldName,
myCred,
HashAlgorithm.SHA1,
reason,
location,
contactInfo,
appear,
revCheck,
ocspSpec,
crlSpec,
tspSpec);
// Save the signed PDF document
File outFile = new File("C:\\ConferenceReg_flatten_signed.pdf");
signedDoc.copyToFile(outFile);
}
catch (Exception ee) {
ee.printStackTrace();
}
}
Then I got these error message. But if I use the Acrobat to generate a PKCS#12 file, this code will be works. I also tried JDK1.6 to generated PKCS#12( it's Version3). still not work. Any one can help me? Thank you!
-------------------------Error Message----------------------------------------------------------------------------
ALC-DSS-303-016 The specified Credential Alias JYANG not found. (in the operation : getCredentialFromStore)
Caused By: findCredentialByAlias: no Local or HSM credential found -- No such object in the store(error code bin: 262, hex: 0x106)(CredentialServiceImpl.java466)
ALC-DSS-303-016 The specified Credential Alias JYANG not found. (in the operation : getCredentialFromStore)
Caused By: findCredentialByAlias: no Local or HSM credential found -- No such object in the store(error code bin: 262, hex: 0x106)(CredentialServiceImpl.java466)
com.adobe.livecycle.signatures.service.impl.PDFUtilities.getCredentialFromStore(PDFUtilities.java:541)
com.adobe.livecycle.signatures.service.impl.SignCertifyImpl.sign(SignCertifyImpl.java:277)
com.adobe.livecycle.signatures.service.impl.DocumentSecurityService.sign(DocumentSecurityService.java:1308)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.java:118)
com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor.java:140)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(TransactionInterceptor.java:74)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTransactionCMTAdapterBean.java:342)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doSupports(EjbTransactionCMTAdapterBean.java:212)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapter_z73hg_ELOImpl.doSupports(EjbTransactionCMTAdapter_z73hg_ELOImpl.java:301)
com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvider.java:104)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInterceptor.java:72)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStrategyInterceptor.java:55)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateInterceptor.java:37)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterceptor.java:132)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:115)
com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:118)
com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.invoke(AbstractMessageReceiver.java:315)
com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invokeCall(SoapSdkEndpoint.java:138)
com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invoke(SoapSdkEndpoint.java:81)
sun.reflect.GeneratedMethodAccessor750.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
com.adobe.idp.dsc.provider.impl.soap.axis.InvocationFilter.doFilter(InvocationFilter.java:43)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
weblogic.security.service.SecurityManager.runAs(Unknown Source)
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
Caused By: com.adobe.truststore.errors.exception.TrustStoreServerException
com.adobe.truststore.dsc.CredentialServiceImpl.findCredentialByAlias(CredentialServiceImpl.java:466)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.java:118)
com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor.java:140)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(TransactionInterceptor.java:74)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionBMTAdapterBean.doRequiresNew(EjbTransactionBMTAdapterBean.java:218)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionBMTAdapter_jmbvky_ELOImpl.doRequiresNew(EjbTransactionBMTAdapter_jmbvky_ELOImpl.java:141)
com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvider.java:133)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInterceptor.java:72)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStrategyInterceptor.java:55)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateInterceptor.java:37)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterceptor.java:132)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:115)
com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:118)
com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:91)
com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:215)
com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispatcher.java:57)
com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
com.adobe.truststore.client.CredentialServiceClient.findCredentialByAlias(CredentialServiceClient.java:367)
com.adobe.livecycle.signatures.service.impl.PDFUtilities.getCredentialFromStore(PDFUtilities.java:526)
com.adobe.livecycle.signatures.service.impl.SignCertifyImpl.sign(SignCertifyImpl.java:277)
com.adobe.livecycle.signatures.service.impl.DocumentSecurityService.sign(DocumentSecurityService.java:1308)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.java:118)
com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor.java:140)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(TransactionInterceptor.java:74)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTransactionCMTAdapterBean.java:342)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doSupports(EjbTransactionCMTAdapterBean.java:212)
com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapter_z73hg_ELOImpl.doSupports(EjbTransactionCMTAdapter_z73hg_ELOImpl.java:301)
com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvider.java:104)
com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInterceptor.java:72)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStrategyInterceptor.java:55)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateInterceptor.java:37)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterceptor.java:132)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptorChainImpl.java:60)
com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:115)
com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:118)
com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.invoke(AbstractMessageReceiver.java:315)
com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invokeCall(SoapSdkEndpoint.java:138)
com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invoke(SoapSdkEndpoint.java:81)
sun.reflect.GeneratedMethodAccessor750.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
com.adobe.idp.dsc.provider.impl.soap.axis.InvocationFilter.doFilter(InvocationFilter.java:43)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
weblogic.security.service.SecurityManager.runAs(Unknown Source)
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
Views
Replies
Total Likes
Can you install the PFX (into the Windows certificate store) on the client and sign a PDF using Acrobat and the credential? This will help determine if the problem is with the credential itself.
Did you set the credential as a "Document Signing Credential" in the Trust Store?
Can you post the PFX file you created for testing?
Regards
Steve
Views
Replies
Total Likes
I just installed the PFX on the client and using Acrobat sign a PDF successfully. Also the credential has been set as " "Document Signing Credential" in the Trust Store. Attachment are pfx file that I using Keytool.exe generated by JDK 1.5 and JDK1.6
Views
Replies
Total Likes
What are the passwords for each of the PFX files. I tried "123456" as your code indicated, but this does not appear to be correct.
Thanks
Steve
Views
Replies
Total Likes
I am sorry, the password is blc123
Thanks
Jack
Views
Replies
Total Likes
Thanks, I'll let you know what I discover shortly.
Steve
Views
Replies
Total Likes
I created a process using LiveCycle Workbench that uses the "Sign Signature Field" operation from LiveCycle Digital Signatures ES. When I tested using the credentials you uploaded, it generates the following error...
ALC-DSS-303-001 Could not sign Signature Field SignatureField1[0] (in the operation : sign)
Caused By: ALC-DSS-303-014 Subject name and the subject alt name missing. (in the operation : getSignerName)
com.adobe.livecycle.signatures.service.impl.SignCertifyImpl.sign(SignCertifyImpl.java:467)
com.adobe.livecycle.signatures.service.impl.DocumentSecurityService.sign(DocumentSecurityService.java:1308)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.java:118)
It seems that there is some problem with the digital signatures service and the way the credential is creaated by the Java keytool. I tried using the keytool to generate other certificates and I was able to duplicate the problem. I was unable to create a credential using ther keytool that would work.
At this point, if you are just testing, then use a self-signed certificate created by Acrobat (as you know this works). If you absolutley need to use the Java Keytool, then you may want to contact Adobe technical support.
In the past I have used OpenSSL to generate certificates that work properly.
Regards
Steve
Views
Replies
Total Likes
Hi Jack,
The problem is the digital ID you've created does not contain the Key Usage extension. In order to sign using either the LC server or Acrobat/Reader, the digital ID must contain the Key Usage extension and assert digitalSignature and/or nonRepudiation.
Steve
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies
Views
Likes
Replies