Welcome Guest Search | Active Topics | Sign In | Register

Essential Objects Product Support Forum » All Products » Support » Certificate for Digital Signature

Certificate for Digital Signature Options
Previous Topic · Next Topic
Pete
Posted: Friday, November 17, 2017 2:20:19 PM
Rank: Newbie
Groups: Member

Joined: 11/16/2017
Posts: 1
I'm a new customer and just purchased the EO.pdf product. I'm trying to use the digital signature feature, but can't figure out what to put in the certificate field of the sample code:

//Create a new PdfSigner object with a certificate
PdfSigner signer = new PdfSigner(certificate);

I understand I need to put a certificate or a path to the pfx file in the above code. My problem is, our public certificate authority cert does not have a .pfx file associated with it. Is there some way I can get to the cert via the server certificate store? Or do we need to create a .pfx file from the cert (if that is even possible)?

I'm completely new to digital signatures and have been googling to increase my knowledge. I understand the public and private keys, but we have an array of certificates at our institution, and I'm not sure which one to use: A self-signing cert, our institution's Root CA, or a Public CA (as mentioned above). From discussions with our network engineer, I have made an assumption that the Public CA is the one to use. But as I said above, there's no .pfx file for it.

Any help you can provide would be much appreciated.
Thanks.
Back to top
 
eo_support
Posted: Friday, November 17, 2017 3:17:10 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,071
Hi,

Creating a digital signature requires the private key of the certificate so that:

1. Other people can use your public key to verify that this is indeed from you because only the corresponding public key can decode it;
2. No one else can forge your signature because they do not have your private key;

So as long as you have the private key, you can use it to sign the PDF file. There are two ways you can provide private key:

1. Pass a PFX file which already contains the private key;
2. If the certificate is in certificate store and is exportable, you can pass the certificate from the store along with the export password. The PdfSigner class will then export it to a PFX format and then follow the same path for step 1;

Generally you would not use a CA for signature purpose since the purpose of a CA certificate is for signing other certificates.

Thanks!
Back to top
 


You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.