Forms and Digital Certificates

Similar Messages

• Private key and digital certificate

  I have a keystore . in ordeer to know what it contains ,i opened this keystore with this command ...keytool -list -keystore DemoIdentity.jks
  and i got,
  Keystore type: jks
  Keystore provider: SUN
  Your keystore contains 1 entry
  demoidentity, Jan 4, 2007, keyEntry, // is it called private key ?
  Certificate fingerprint (MD5): 60:42:75:33:31:AA:9A:C6:9D:1A:CD:9F:22:8D:4A:6A // is it called certificate ?
  Question :
  I still dont understand what a keystore contains. does it contains "private key" + "digital certificate" ?
  If so , what are private keys and digital certificate in the above contents ?
  Message was edited by:
  Unknown_Citizen
  Message was edited by:
  Unknown_Citizen

  The content of a 'keystore' is what you, or the person who provided it, put in it. In this case it looks like all it contains it a public key certificate with an alias of 'demoidentity' .

• Adobe Interactive Forms and Digital Signature

  Adobe Interactive Forms and Digital Signature
  Hi, I’ve a question if it works to digital sign interactive PDF documents created by an SAP BPM System? So is it possible just to sign the content, and not the interactive components like layout and buttons e.g.?
  Thanks for your help.
  Regards,
  Tobi

  serverside or at the client??

• Ical and digital certificates

  I accidentally deleted the digital certificate that is buried someplace in a folder in the operating system, and now iCal won't sync, and it wont connect to the apple server. I have 6 other Macs and they all work fine. They are all pretty new. But my laptop won't sync and won't connect.
  Does anyone know how to get the digital certificates back into that folder?
  Also my MSN messenger won't work because I deleted that certificate.
  Thats the last time I play around with something I know nothing about.
  Thanks
  Rock

  I need to implement exactly the same thing and would appreciate some guidence as well.

• MobileMe mail and digital certificates

  Hi,
  Is there any way of digitally signing and encrypting MobileMe emails using a self-signed certificate?
  Thanks,
  Glyn

  Thanks for your reply, Dave - glad to hear it's not just me!
  I spoke to Apple and they say they've done nothing to the MobileMe servers that would cause this.
  The reject email I get is:
  Your message cannot be delivered to the following recipients:
   Recipient address: [email protected]
   Reason: SMTP transmission failure has occurred
   Diagnostic code: smtp;550 5.7.1 Command rejected
   Remote system: dns;email-lb-cpg.austin.hp.com (TCP|17.172.48.75|57574|15.217.96.213|25) (hpeprint.com ESMTP Postfix)
  Original-envelope-id: [email protected] Reporting-MTA: dns;st11b01mm-asmtp212.mac.com (tcp-daemon) Arrival-date: Wed, 12 Oct 2011 01:39:29 -0700 (PDT) Original-recipient: rfc822;[email protected] Final-recipient: rfc822;[email protected] Action: failed Status: 5.7.1 (SMTP transmission failure has occurred) Remote-MTA: dns;email-lb-cpg.austin.hp.com (TCP|17.172.48.75|57574|15.217.96.213|25) (hpeprint.com ESMTP Postfix) Diagnostic-code: smtp;550 5.7.1 Command rejected

• Adobe Form and Digital Signature issues

  We are using a adobe form to submit agreements for staff, some individuals are getting the "The Windows Cryptographic Service Provider reported an error: Key does not exist. Error Code 2148073485. Any help or guidance would be great. Thanks

  Hi dfbarnet, May we know how is that form created. Is that created using Acrobat ?
  Please explain in detail so that we can route your query in correct direction.

• WebVPN-Problem with Digital Certificate and AAA

  Hello everyone,
  I have a problem during configuring WebVPN on ASA 5520 using AAA and digital certificate of Microsoft. (MSCEP)
  Currently, The WebVPN service is enabled and it worked well with AAA (local or external) only,
  But now, I want to use both AAA and Certificate for most secure-I mean that the users will be authenticated 2 times (firstly, it is checked by valid certificate then user/pass is second one).
  Here are details:
  I tried installation CA server (Microsoft CA service combined with SCEP) and register ASA with CA server (ASA work as subordinate CA)-->these steps is ok, asa has registed, then client use web-browser request CA and it's issued by CA administrator then it is installed on web-browser.
  Testing:
  The Client tried to test with access SSL VPN, the welcome WEBVPN message prompt user/pass but the message is "Logon Failed" before I give user and pass,
  Does anyone know and advise ?
  Thanks
  Khanh

  Hi all,
  Here are attach files for my issuse,
  Khanh

• Logging into BOA's CashPro form Firefox Home finds no digital certificate

  I'm trying to wire transfer funds using BOA's CashPro application from my ipad. I can see the CashPro login from Firefox Home, but immediately after logging in, CashPro finds no Digital Certificate and aborts. I installed this digital certificate on the ipad, but the application doesn't see it. Will I be able to access and use BOA's application form Firefox Home on my iPad?

  Sorry, I don't think Firefox Home is able to use client certificates. If the web site works in Safari, you can use the "Open in Safari" option in Firefox Home to browse this web site. Tap on the picture below for an illustration.
  You can also turn on the [http://support.mozilla.com/en-US/questions/792360 Use Safari] option in the Firefox Home settings, if you want all web sites to open in Safari.

• Can XML Publisher add a digital certificate (cert.pfx) via the xdo.cfg file or do I need to upgrade and use BI Publisher instead?

  Hi Guys
  I need to add a digital certificate to a clients customer statements and invoices. XML Publisher 5.6.3 has been used originally to design the templates as RTF. I have the following questions please...
  1. Can an RTF template be used or do I need to convert it to a pdf template?
  2. Can XML publisher even be used or do I need to get the DBAs to install BI Publisher. XML Publisher doesn't even have the signature properties in the admin screens that BI Publisher has.
  Below is a copy of the xdo.cfg file which currently does not add the pfx file...
  <config version="1.0.0"  xmlns="http://xmlns.oracle.com/oxp/config/">
  <properties>
     <property name="system-temp-dir">/tmp</property>
     <property name="pdf-security">false</property>
     <property name="pdf-open-password">testpass</property>
     <property name="pdf-permissions-password">testpass</property>
     <property name="pdf-encryption-level">1</property>
     <property name="pdf-no-printing">true</property>
     <property name="pdf-no-changing-the-document">true</property>
     <property name="signature-enable">true</property>
     <property name="signature-pkcs12-path">/app/oracle/product/appldev/apps/apps_st/appl/xdo/12.0.0/resource/digcert.pfx</property>
     <property name="signature-pkcs12-password">testpass</property>
     <property name="signature-field-location">top-left</property>
     <property name="signature-reason">taxreasons</property>
     <property name="signature-signed-at">Cape Town</property>
     <property name="signature-display-style">detailed</property>
  </properties>
  </config>
  Any help will be greatly appreciated.

  thanks for the summary of the many posts and threads describing all of these steps.

• What is the difference between a pki digital certificate received in pkcs7 format and what iplanet refers to as a pkcs#11 module?

   

  A lot of NSS-related jargon is defined on mozilla.org, including the different PKCS standards:
  http://mozilla.org/docs/jargon.html#PKCS5
  To summarize (and simplify), PKCS #7 is a standard for digital certificates while PKCS #11 is a standard for communicating with cryptographic devices (e.g. SSL hardware accelerators).

• Acrobat X Standard and forms containing digital sigs

  Hi all,
  My first post here.
  In the office, we haveAdobe Acrobat X which we use to view and digitally sign PDF. I imported a word template form into Acrobat and made it interactive.
  It's basically a form with some 30 questions and a series of tick boxes (Yes/No). This is a quality check form. If the person finds mistakes during QC process, he/she sends reqquests changes, a second QC is in place and a series of tick-boxes completed. Again, this has a series of checkboxes. I added two digital sigs. One for each  user and in the properties section  of the first QC (let's call it the originator) made all fields read only when first QC was entered. This worked fine. Second person is then able to enter their own comments no problem BUT when digitally signing they get a popup that the signing operation failed as document was modified in unauthorised manner since previous signature was applied. Chatted to IT and a few people who know a few things about PDF etc but none of them have an idea why this is ocurring. Cn anyone help. What am I doing wrong. Can Acrobat do what I am asking it?

  Open the file
  Open the Tools panel
  Expand the Forms section on the Tools panel
  Click the Edit button in the Forms section of the Tools panel
  Right mouse click on the first signature field
  Select Properties from the pop-up menu
  On the Digital Signature Properties dialog, select the Signed tab
  My guess is you have already selected the Mark as read-only radio button, but if not then select it\
  Select  Just These Fields from the drop-down menu next to the radio button
  Click the Pick button
  Select just the fields that you expect the QC originator to have selected
  Click the OK button on the Field Selector dialog
  Click the Close button on the Digital Signature Properties dialog
  Click the Close Form Editing button in the Tasks panel
  That should fix the problem.
  Steve

• GPO For Outlook Certificates Used For Encryption and Digital Signatures?

  How can we configure a group policy to distribute certificates to Outlook 2010 users so they can digitally sign and encrypt messages without requiring much effort on their end?
  The users will become confused and make mistakes if we ask them to follow instructions on how to download and import certificates into Outlook 2010 manually.  Can we automate this with Group Policy?

  Would a certificate "autoenrollment" GPO work for these types of certificates?
  Yes. Here's a good guide. The user will still need to choose to sign, or encrypt, unless you want to enforce that in some way. If you are sending signed or encrypted email outside of your AD, you will need to solve how the recipients will get your root cert,
  etc.
  http://davidmtechblog.blogspot.com.au/2013/06/exchange-2010-security-smime-part-1.html
  http://davidmtechblog.blogspot.com.au/2013/07/exchange-2010-security-smime-part-2.html
  http://davidmtechblog.blogspot.com.au/2013/07/exchange-2010-security-smime-part-3.html
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Automatically download digital certificates form Net

  Hi!
  I have to download digital certificates from the prespecified URLs. I cannot use servlet. By network programming I am able to connect to the site and I can store the certificate by using IO package. But this way, the format of the stored certificates are not valid.
  Is there any way I can automatically(through coding) download the certificates or can store in a valid format?
  Regards
  Vivek

  Hi!
  I have modified my code and now the file sizes are same. but still cannot open the file. One more thing I would like to add is that, with this code if I download some exe also. the same problem happens. For normal text it works fine.
  I am attaching the code also:
                 URL url=new URL("http://www.secdom.com.au/general/certs/sdplrootca_der.crt");
                 URLConnection con=url.openConnection();
                 System.out.println("Content type is : "+con.getContentType());
                 BufferedInputStream htmlPage =new BufferedInputStream(con.getInputStream());
                 byte [] data;
                 int contentLength = con.getContentLength();
                 if (contentLength > 0)
                 try
                      data = new byte[contentLength];
                      int h=htmlPage.read(data,0,con.getContentLength());
                      htmlPage.close();
                      FileOutputStream fou=new FileOutputStream("aa_v.crt");
                      fou.write((new String(data)).getBytes());
                      fou.close();
                 catch(Exception e)
                      System.out.println("error");
                      e.printStackTrace();
                 }

• Transfer attachments and Digital Signatures,from a PDF, to Interactive Form

  Hi,
  I am developing an an application in WebDynpro Java.
  I have a requirement that a user A creates a new interactive form & fills some of the details, & then saves the form.
  User B then fetches the form & fills the remaining details.
  User A can add attachments & digitally sign the form(using digital signatures).
  When user A  saves the form, the application saves it in the JDT. The application fetches the pdf from the JDT & shows it to the user B.
  The problem is that, when the form is displayed to user B, i need to pass a variable(using context nodes) to the form, so that some of the properties(visibility,read-only,etc) of the UI elements(of the form) changes, depending on the variables' value.
  For this purpose, i need to use the Form for user B in ""UpdateDataInPdf" mode.
  But if i do this, then all the attachments, signatures saved in the pdf form(by user A), do not get transfered to the Interactive Form of User B!!
  How do i overcome this problem??
  I am using NW7.0 SP13.; Designer7.1, xACF is installed.

  Hi everyone,
  I solved this issue using the transferPDFDataIntoContext of the WDInteractiveFormHelper class.
  The AIF mode must be set to usePdf.
  I hope it will be useful.
  Regards,
  Mirco

• Web service client and SSL Certificate

  Hello, everyone,
  I have a problem that has really stumped me.
  I've written a web service client for a web service that has a digital certificate. This comes in the form of a .pfx file.
  When I try send a request to the web service, I get the following:
  AxisFault
  faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
  faultSubcode:
  faultString: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  faultActor:
  faultNode:
  faultDetail:
       {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
       at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
       at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
       at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
       at org.apache.axis.client.Call.invoke(Call.java:2767)
       at org.apache.axis.client.Call.invoke(Call.java:2443)
       at org.apache.axis.client.Call.invoke(Call.java:2366)
       at org.apache.axis.client.Call.invoke(Call.java:1812)
       at org.tempuri.BasicHttpBinding_IExternalServiceStub.submitAchievementBatchJob(BasicHttpBinding_IExternalServiceStub.java:531)
       at uk.gov.qcf.lrs.api.services.IExternalServiceProxy.submitAchievementBatchJob(IExternalServiceProxy.java:56)
       at uk.org.aqa.main.Main.main(Main.java:111)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
       at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       ... 24 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
       at java.security.cert.CertPathBuilder.build(Unknown Source)
       ... 30 more
       {http://xml.apache.org/axis/}hostname:WM8-319
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
       at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
       at org.apache.axis.client.Call.invoke(Call.java:2767)
       at org.apache.axis.client.Call.invoke(Call.java:2443)
       at org.apache.axis.client.Call.invoke(Call.java:2366)
       at org.apache.axis.client.Call.invoke(Call.java:1812)
       at org.tempuri.BasicHttpBinding_IExternalServiceStub.submitAchievementBatchJob(BasicHttpBinding_IExternalServiceStub.java:531)
       at uk.gov.qcf.lrs.api.services.IExternalServiceProxy.submitAchievementBatchJob(IExternalServiceProxy.java:56)
       at uk.org.aqa.main.Main.main(Main.java:111)
  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
       at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
       at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
       ... 12 more
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
       at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       ... 24 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
       at java.security.cert.CertPathBuilder.build(Unknown Source)
       ... 30 moreI've looked onliine to try to solve this issue, and it seemed that the answer was the add the certificate to the keystore. I had a lot of issues doing this, due to the certificate being a .pfx file. However, using the following, I was able to do it:
  keytool -importkeystore -srckeystore "sandpit.pfx" -destkeystore "%JAVA_HOME2%\lib\security\cacerts" -srcstoretype pkcs12 -deststoretype jks -srcstorepass password -deststorepass anotherpassword -vHowever, I am still getting the same error. This may be because this isn't the keystore used, but it is located in the area marked as being used in the build path.
  I then looked further, and found that I may need to add:
  System.setProperty("javax.net.ssl.trustStore","myKeystore");
  System.setProperty("javax.net.ssl.trustStorePassword","myPassword");altering where appropriate. But this didn't work, and I'm thinking that this would involve a lot more code than just those two lines.
  I'm just not sure what to do, and am hoping someone can help. I didn't think it would be too big an issue to ensure my program used the certificate, but it seems to be. I thought that once it was added to the keystore, that would be it, but it appears not.
  I'm sure this isn't a rare issue, but I just lack the knowledge to make any headway. Please can someone help or point me in the right direction?
  Thank you very much in advance.
  Robin

  Sorry to bother you again with my request but I would appreciate some help with my problems.
  Nobody his using some web services who requires protection ?
  Thanks a lot.