Request user digital signature via SSL

Hi, i�m working on a delivery authority implementation that should work as follows:
The system sends an reminder email to B, with a link to a SSL web page, when B clicks the link he goes to that page, and that page needs to check if he has a valid digital signature (IE: that has the same CA and the same e-mail that the ones i have registered on my database). If the checking is OK, then the server will let him download something, in example
Somebody got any clue or how to do this? Any web page that has some information, anything...
Tks in advance,
Eduardo Hadlich
Systems Analyst
Directa Automacao
Florianopolis, Brazil

Here�s the scenario: A wants to send something to B, but both need tokes to prove that they did participate in the process. The implementation uses an Delivery Authority (DA), witch is an third party entity, and it�s responsible for receiving an email from A and then forwaid it to B.
The reminder is signed with DA digital signature, and just contains a link to this homepage i described, witch B is suposed to to, supply his digital signature to prove that he�s gone there and wanted to receive the message (email from A), and the gain access to the message itself.
API? You mean JDK1.4.2 and the BouncyCastle provider?
Hope it helps...
Tks in advance,
Eduardo Hadlich

Similar Messages

  • Do I have to use EchoSign to request digital signatures via email?

    I am using Acrobat XI Professional and want to request a digital signature.  Can this be done outside of EchoSign or no?  If possible, how do I add the signature request to a PDF?

    EchoSign does not support digital signatures. What do you mean by "add the signature request to a PDF". If you want to digitally sign PDF then how do you do it depends on PDF. If a PDF has unsigned signature fields, you click on the field and "Sign" dialog pops up and guides you through the process. If there are no unsigned signature fields in PDF then you select Fill&Sign->Work with Certificates->Sign with Certificate. You get a dialog to draw a rectangle for your signature field and then the same "Sign" dialog pops up. You need to have a certificate with a private key suitable for signing to digitally sign a PDF.

  • Loading Invoice XML IDoc with digital signature via XI into R/3

    Hi,
    I received an Invoice XML IDoc with digital signature via Mail (for test purposes) and want to load it via XI into an R/3 systeme.
    My idea is to load the Invoice XML IDoc file via the File Sender Adapter into XI and send it to the R/3 system via the IDoc Inbound adapter.
    Due to the digital signature the file looks like this:
    0‚ S      *†H†÷
        ‚ D0‚ @   1 0       +      0‚ '      *†H†÷
        ‚   ‚   ‚ –0‚ ’0‚ û      etc.
    When I load the file like this with the File Sender Adapter, an error message occurs in the XI Monitoring as the XML Parser cannot read the file due to the digital signatur (as expected).
    Has anybody an idea how I can configure the File Sender Adapter Communication Channel to be able to load only the XML IDoc and ignore the digital Signature strings?
    Thanks in advance for your support.
    Alex

    BTW
    do use the second way you need:
    Security Settings for the Sender Mail Adapter
    http://help.sap.com/saphelp_nw04/helpdata/en/27/c0524257a1b56be10000000a155106/content.htm
    and
    Key Storage Service
    http://help.sap.com/saphelp_webas630/helpdata/DE/e9/a1dd44d2c83c43afb5ec8a4292f3e0/content.htm
    apart from adapter module config
    Regards,
    michal

  • How can I create a form requesting a digital signature at the end?

    I'm looking to create a form for a meeting that allows attendees to fill out their address and pertinent information as an agreement and at the conclusion of the form give them the option to sign electronically/digitally.
    How can I do this? Is Adobe Forms the best program for this?

    Hi,
    Unfortunately, digital signatures are not supported in Adobe FormsCentral.
    In order to collect signatures from the attendees, you can either use Adobe EchoSign to collect electronic signatures or Adobe Acrobat to get the documents digitally signed.
    Please follow the links to know more about the services:-
    Adobe EchoSign:-Electronic Signature Software, Digital Signatures | Adobe EchoSign
    Adobe Acrobat:- PDF converter, PDF editor, convert to PDF | Adobe Acrobat XI Pro
    Regards,
    Nakul

  • How to embedd author certificate and user digital signature?

    Hi,
    I want to implement Digital Signature in my pdf using Netweaver technology. I am working on an offline scenario.
    I have few question on this topic.
    1) Once I sign the pdf do the input-fields in them get locked? Is no then how do I lock them to ensure that they are not tampered?
    2) How to pass the certificate along with the pdf? Can I pass it through an email?
    3) Is the digital signature completely done on Adobe Reader side or the program side?
    Please reply urgently...
    Thanks,
    Vishal

    hi
    i've the same problem. i've found this solution, but you need download a JCE Provider that allow you to read the explorer certificate store.
    You can try this one: https://download.assembla.se/jceprovider/
    and the code:
    import se.assembla.*;
    public class Listcerts {  
         public static void list() throws Exception{
              java.security.Security.insertProviderAt(new se.assembla.jce.provider.ms.MSProvider(), 2);
              KeyStore ks = KeyStore.getInstance("MSKS","assembla");
              ks.load(null,null);
              X509Certificate cert=null;
              String alias=null;
              int count=0;
              for (java.util.Enumeration e=ks.aliases();e.hasMoreElements();){
                        alias=(String)e.nextElement();
                        cert=(X509Certificate)ks.getCertificate(alias);
                        System.out.println("\n Certificado alias"+alias+":");
                        System.out.println(cert);
                   count++;
              System.out.println ("NUM CERTS="+count);
    now, i need the same solution for Firefox browser XP
    good luck
    Message was edited by:
    meteko

  • Digital signature via ITS

    Hello gurus,
    I use a ssf complaint dll to sign files using a smart card. Everything works fine in the sap Gui.
    Now my customer ask me to use the same application via ITS. He wants to access the sapGui via web and sign the document using a smartcard.
    As far as I know ssf signature use a RFC destination to talk with the local dll library.
    Does somebody knows if this scenario (the one via ITS) may work?
    Thanks
    Gianni

    Hi Gianni,
    please create a SAP customer message for this issue and ask SAP primary support to forward the message to ITS development. Describe what your customer wants to do and why they require this functionality. We will than check what can be done.
    Best regards,
    Klaus

  • WDJ Adobe digital Signatures

    Hello SDN,
    I have to implement Digital signatures in my Webdynpro interactive forms. In sdn I found one example related to online Interactive form security but for offline I couldnt find.
    In offline scenario, a user will send pdf form to customer or employee etc to fill the form and send it back.
    1) Here how a receiver will know that he got the form, from an authorized person?
    2) Once the form is filled and send it back, how receiver can validate whether the filled form came from an authorized person?
    3) Also how exactly I can use digital signatures? what are the technical requirements for implementing digital signatures?(SSL is mandatory?)
    Can some one guide me on this?
    Appreciate your help.
    With regards,
    Ravi

    Hi Ravi,
    Digital signatures can also be created and verified as of Adobe Reader 5.1. Users can use the Adobe Acrobat Reader to display and print files in PDF format, whose content and appearance correspond to the paper version, on a cross-platform basis. The prerequisites for this are the use of the new Adobe Document Server for Reader Extensions and the replacement of SmartForms by Adobe Acrobat (this is still in development). SSF is not used.
    Adobe Document Server for Reader Extensions assign additional usage rights to electronic forms that were created with Adobe Acrobat 5.0 and Adobe Form Designer 5.0. Digital signatures are a type of usage right.
    Adobe Acrobat Reader 5.1 can be downloaded free-of-charge from Adobe's Web site, and processes the usage rights that were embedded in PDF forms by the Adobe Document Server for Reader Extensions.
    for SSL service go through:[https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/media/uuid/40cacc80-c1fc-2a10-f8b5-9e33b1829552]
    for ADS (adobe document services) chk it out;[https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/50fd998b-494f-2b10-c2ab-e3513a857f62]
    Digital Signatures and Certification in Forms:
    [http://help.sap.com/saphelp_nw04s/helpdata/en/de/eda54dd9194cbcbb62bffaaebfa41d/frameset.htm]
    If U have to implement digital certificates, from where I can get these certificates? Do U have to create on my own or need to buy from some party?
    chk it out;https://www.bconline.gov.bc.ca/pdf/DigiCertFAQ.pdf
    On-demand digital certificates for Adobe AIR applications:
    [http://www.net-security.org/secworld.php?id=6628]
    Regards,
    Khushboo

  • Digital Signature for QM notification status change

    Hello experts,
    I need your guidance regarding implementation of user digital signature for QM notification status change. Our customer has ECC 6.0 but they are not inclined to introduce enhancement package 3 soon. Now their requirement is that while QM notification status change they want to have a user signature pop-up to verify the user authorization to do so. But they don't want to do so by using digital signature via DMS status change.
    I am really not sure if I have explained the situaion correctly or not as i am quite new to QM. But I am desparately looking forward to get your valued replies in this regard.
    Best regards,
    Anirban

    To fulfill the FDA requirement we have apply the logic to make sure that a digital signature is captured for status changes during task processing.
    To map this requirement we have developed one custom table to store remark that will be displayed on digital signature remarks textbox. This table will have following feild:
    STAT - System/ user status
    QMART - QN type
    SPARS - language
    TEXT - character text.
    Work with ABAPer to implement this, and after implementing validate following key point:
    u2022     Validate that after successful digital signature that the signature cannot be overwritten.
    u2022     Validate the locking of the User ID after customer specific number of unsuccessful signature attempts.
    u2022     Verify that the digital signature works for each status.
    u2022     Validate that if the digital signature is cancelled prior to successful entry that the system status reverts back to previous status and all processing authorizations allowed for that status still function properly.
    Hope my reply will help you.
    Thanks!!!

  • Digital Signatures on TechNet Gallery - thoughts?

    I've recently obtained a code-signing certificate from DigiCert (who are awesome, and offer these certs for free to MVPs for personal use), and was thinking of going back and signing the various bits of script that I've posted to the TechNet Gallery. However,
    most of these posts are code fragments (individual functions, etc).  The intention isn't that the user will run them as-is, but just copy and paste the code into their own modules, profiles, scripts, or whatever.
    This means that my signature would be thrown out anyway before the code is executed, but there may still be some benefit in verifying, at the time of download that the code hasn't been modified in any way since I originally uploaded it (say, for instance,
    if someone manages to gain unauthorized access to my Microsoft account or the TechNet Gallery in some way.)
    The only one I've signed so far is the Enhanced Script Logging Module, because that is uploaded as a zip file that contains, among other things, a compiled DLL.  Not only is that one intended to be run as-is, but it's also harder for people to
    verify that the DLL file is safe to run.
    What do you think?  Worth the time to go back and sign / re-post everything else?

    Hey Len
    there is an internal mailing list for Oracle folks - drop me a mail for it.
    that said, the standalone release of Publisher supports a site wide(no support for user digital signatures) digital signature that will be added to all PDF documents that BIP generates.
    Please check the documentation for more info - http://download.oracle.com/docs/cd/E10415_01/doc/bi.1013/e12188/T421739T475591.htm#5013688
    regards
    Tim

  • Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

    Dear all,
    I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
    I know there are 3 options for digital signature and
    System signature with authorization by user ID and password (We use this currently)
    Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
    User signature without verification
    Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
    I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
    My active directory is based on Windows 2008.
    Thanks in advance!!
    Dhee

    Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

  • Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

    Hi there,
    we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
    1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
    - check whether the SAP Java Crypto Lib is installed in the Web AS;
    - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
    Is that right?
    I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
    2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
    But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
    Thanks in advance!

    Hello Henrique,
    1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
    2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
    Rgds.,
    Andreas

  • "Save As" requested instead of "Save" after digital signature of my PDF

    Hi all,
    I use Adobe Reader XI.
    I have a PDF file configured with a set of fields to be filled in.
    One of these fields is a digital signature field.
    Everyting is working fine: I can fill the fields and sign the document with my ID card, as you can see below :
    The problem I have is that when I sign my document with my digital signature, Adobe request a "Save As". I would like to know if there is a way to only use a "Save" ?
    That requirement is very important since we will deploy the solution to more than 5000 users in an environment which is integrated with other tools, and for the whole stuff to work, the users can't change the file name nor file path... In that scenario, you will understand that proposing a "Save As" by default is not the good way to go.
    Ciould you please tell me if a solution exists for this ?
    Thanks already
    Benoît

    Never mind, I found the answer.
    A matter of setting the Firefox options so that PDF files open in Reader or whatnot rather than prompt to save.

  • [b]How to validate user's digital signature by ClientAuthentication?[u]HELP

    Hello,
    My Problem:
    By client-certificate-based authentication the first step is to prove "Does user�s public key validate user�s digital signature?". How can I prove this on the ServerSide manually, resp. I want to verify it with java classes on the server side additional to web-server. Actually the Web-Server verify this through the SSL-Connection, I'm conscious of this, but how can I additionally verify this step with java classes.
    Thanks a lot

    You would have to code it all again from the client side: obtain the certificate and private key from the keystore, send the cert, sign it, send the signature, and have the server receive the certificate and check the signature, all as part of your application protocol.
    Instead of all this duplication I have no doubt that you should just point your firm at RFC 2246 in which the Certificate and CertificateVerify messages are mandated, or at the pages of Rescoria's book that I pointed you to before. The transport already meets the requirement and there is zero value in re-implementing it. Indeed there is a negative value: (a) there is a development time and execution time cost which they should consider, especially the development cost, and (b) if you get it wrong you are going to reject legal clients. (There is no possibility that you will accept illegal clients by programming error. SSL/TLS works.)
    EJP

  • Limiting users to 1 digital signature

    Hello all,
    Using Adobe Acrobat 9 Pro and Adobe Livecycle Designer 8.
    I have created several forms using Livecycle Designer 8 to be distributed internally.  I would like to add a Signature Field and looked into buying VeriSign signatures which i have been quoted $320 for, this is far to much to pay.  As the forms are for internal use only, is there a way that i can limit the user to creating only ONE id?
    Or if anyone has any other ideas on how to provide secure digital signatures without the price tag?
    Thanks in advance for any help.

    You can't prevent users from creating more than one digital ID, there are many tools\utilities available that can be used to create digital ID's (including Acrobat)
    You could use the "seed value" feature when creating the signature field with Adobe Designer.  You can restrict which certificates (digital id's) can be used to sign the PDF (see attached SigningCertificates.gif).  The problem in you case (when using self-signed certificates) would be that you would have to identify each and every one of your user's certificates in the signature field configuration.
    You might want to look into setting up your own certificate server (there are open source servers available), this way you can issue the digital ids (certificates) to your users.  This also means that you can specify in the signature field configuration that only certificates issued by a specific certificate server can be used to sign the document (see attached IssuersAndPolicies.gif).
    Hope this helps.
    Steve

  • Digital Signatures Help Requested

    I looked through the forums and there was one thread not too long ago that talked about digital signatures but didn't seem to focus on this particular problem, so I figured I'd start a new one hoping someone would have some advice.
    We receive a document that is digitally signed by our client. We view the PDF in the full version of Acrobat and have added these users as Trusted Users (in managed trusted identities).
    We Verify the Signatures that were added to the document and see the digital signatures at the bottom of the document but there's one thing that's not showing up and that's the actual "signature" or "signed signature" of the person. We only see a typed out version of their name.
    We've spoken to our client and they maintain that we should be viewing the "signed signature" and we need to figure it out.
    When I check the Signature Properties, it tells me that their signatures were created using "Entrust.PPKEF". Could this be the problem?
    As much as I'm reading up on Digital Signatures, it's my belief that we don't need to purchase any other software in order to view these properly. Am I mistaken.
    Any help would sure be appreciated.
    Paul

    Hi Paul,
    Are you expecting a "wet ink" type of signature? That is, an image in the signature field that is a copy of a signature someone created with pen and paper? If that's what you really need then maybe a digital signature workflow is not what you should require from your client. However, in many respects a digital signature (at least in the electronic world) is a much more powerful tool then a wet ink facsimile.
    In this day and age, anyone could grab an image of a wet ink signature, crop it and use it apply it to a document as if they were the original signer. In others words, in the electronic world a wet ink signature is not very secure. However, a digital signature cryptographically binds the signer to the document. As long as the digital ID used to create the digital signature comes from a trusted third party (i.e. a certificate authority that vettes the identity of the individual before they issue the digital ID) then you are get two things from the digital signature. One is document integrity (you will know if the document has been altered post signing), and the other is non-repudiation (the signer cannot deny that they were the person that applied the digital signature). If you are accepting digital IDs (it's the "manage trusted identities" thing you mentioned) issued by a certificate authority that does not vette the identity of the signer then you have to be a bit more leery of trusting the signer.
    I don't know if the Entrust signature method has the ability to add a custome appearance that includes the wet ink facsimile, but if it does, your client could create a digital signature whose appearance looks like a wet ink signature. However, the bottom line is the lack of a wet ink  facsimile is not a cause of concern when it comes to digital signatures  in PDF files.
    Steve

Maybe you are looking for

  • Can't open documents created in Pages with macBook pro running maverick

    Hello, I just bought the new MacBook Pro and downloaded iWork.  Now when I create a document in Pages and save it to Documents, I can't open it.  I get an error messages saying a file is missing.  Also, all my old documents created with Pages that I

  • How to I unlock my iPod touch

    How do I unlock my ipod touch? I have forgotten the passcode.

  • Remove anchor from the first level in Breadcrumb

    Hi All, I am trying to display the selected navigation path in the breadcrumb. The requirement is to disable hyperlink in the first level of the breadcrumb. For ex:  Home > News> Local News, here  Home should be displayed without hyperlink I used the

  • FAGL_ACTIVATION

    Hello, In sandbox when I try to activate new GL, I get the following error "View/table V_FAGL_ACTIVEC can only be displayed and maintained with restrictions" SU53 screen shows "the authorisation check is successful" How can I resolve this ?

  • Panel Sets in v4.5

    Hello, I was trying to set up this component, but am lost. I looked for help, but did not see any utorials or anything like that. I did come across this article http://www.everythingxcelsius.com/search?q=panel+set which said that they could not find