Set smart card as default "sign-in option"?

Just wondering if anyone knows if it's possible to set the default logon prompt as smart card?
Currently, it prompts you with the last used method (i.e. username and password or smart card and pin).
I know that you can force smart card only logon by "scforce" Group Policy (Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Option), but I want to keep the options and just make it a default option.
I also tried changing the "LastLoggedOnProvider" to the smartcard option here "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI" and here "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData",
but this did not make any difference.

Hi Karen. I would like the user to be presented with "smart card sign-in" as the default option. Sorry, I cannot find a relevant image online of what this looks like in 8.1. But I also want the option of username and password to still be available.
This can be done by clicking on "sign-in options".
For example in the W7 image below, you can see what the smartcard default logon looks like. But you still have the "switch user" button which gives the option of alternative logon methods.
As stated earlier, I don't want the GP to force "Interactive logon: Require smart card", as this will mean smartcard is the ONLY method available of logging in.
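
A read-only way to check what the registry locations named in the question currently hold, as an added example that is not part of the original thread. It assumes the standard `Credential Providers` key under the same `Authentication` path, where each provider is registered by GUID with its friendly name as the default value; the function names are made up for this example.

```powershell
# Added example: read-only diagnostic, it changes nothing on the system.
# Reading SessionData may require an elevated prompt.
$auth         = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication'
$providersKey = Join-Path $auth 'Credential Providers'
$logonUiKey   = Join-Path $auth 'LogonUI'

# List every registered credential provider (GUID plus friendly name),
# so the GUID of the smart card provider can be read off this machine
# instead of being copied from elsewhere.
function Get-RegisteredCredentialProvider {
    Get-ChildItem -LiteralPath $providersKey | ForEach-Object {
        [pscustomobject]@{
            Guid = $_.PSChildName
            Name = $_.GetValue('')      # default value = friendly name
        }
    }
}

# Report the LastLoggedOnProvider value stored under LogonUI, under
# LogonUI\SessionData, and under any per-session subkeys, and resolve
# each GUID to a provider name.
function Get-LastLoggedOnProvider {
    $known = @{}
    Get-RegisteredCredentialProvider | ForEach-Object {
        $known[$_.Guid.ToUpperInvariant()] = $_.Name
    }

    $keys = @($logonUiKey)
    $sessionData = Join-Path $logonUiKey 'SessionData'
    if (Test-Path -LiteralPath $sessionData) {
        $keys += $sessionData
        $keys += Get-ChildItem -LiteralPath $sessionData |
                 ForEach-Object { $_.PSPath }
    }

    foreach ($k in $keys) {
        $item = Get-Item -LiteralPath $k
        $guid = $item.GetValue('LastLoggedOnProvider')
        if (-not $guid) { continue }    # value not present at this key

        $name = $known[$guid.ToUpperInvariant()]
        if (-not $name) { $name = '(GUID not registered as a credential provider)' }

        [pscustomobject]@{
            Key                  = $item.Name
            LastLoggedOnProvider = $guid
            ProviderName         = $name
        }
    }
}

Get-RegisteredCredentialProvider | Sort-Object Name | Format-Table -AutoSize
Get-LastLoggedOnProvider | Format-Table -AutoSize
```

Running it before and after a sign-in shows whether a manually edited value is still in place or has been replaced with the provider that was actually used.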

Similar Messages

  • [LENOVO Y50-70] How To Set NVIDIA Card as Default Graphic Adapter

    I have just bought Lenovo Y50-70. But I wonder how to set NVIDIA Card as default Graphic Adapter instead of using Intel Card. Thanks

    hi monx,
    Welcome to the Forums.
    The Y50-70 uses Nvidia Optimus Technology to automatically switch between the Intel GPU (for power saving) and Nvidia GPU (for maximum performance).
    To manually set the default graphics adapter, you will need to set this inside the Nvidia Control Panel > Manage 3D Settings.
    More info:
    http://support.lenovo.com/us/en/documents/ht071337
    Regards

  • Set default Sign-in option to Domain credentials

    Hi there, our Windows 8.1 enterprise domain joined clients are set to logon using Email address by default instead of domain credentials. Anyone knows how to change this?
    any help would be appreciated!

    Hi,
    Try to deploy this policy:
    Local Computer Policy | Computer Config | Administrative | System | Logon | “Assign default domain for logon”.
    Kate Li
    TechNet Community Support

  • Deploying Windows 8.1 via System Center 2012 - Microsoft account default sign-in option when Fingerprint software is installed

    Hi Everyone,
    Just seeing if anyone knows a fix for this, basically when I deploy Win 8.1 using SCCM 2012, the deployment is successful, joins to the domain during the task sequence.
    My issue at the moment is that, at the login screen it's defaulted to sign-in with email address (microsoft account) below I can select Domain or Fingerprint
    How do I change it so that it defaults to Domain sign-in, when I deploy Win 8.1 without Fingerprint software, it defaults to domain sign-in which I'm after.
    Device is Lenovo ThinkPad x240 AL
    Many thanks,
    Max

    Hi,
    According to your description, I'm not sure whether your system deployment was fully successful. If your system has just one user account, you won't have the Switch User option at the login screen.
    So, firstly, please check your computer user accounts after you log in to the system, and make sure your domain user account has been created and enabled.
    Secondly, try to use the Switch User feature at the Start Screen as a test, to make sure your system works properly. If not, you can try to use the netplwiz command to open User Accounts. In this interface, you can choose which user account is the default user.
    If you need further assistance on this particular issue or any other Windows related issue, let us know and we will be glad to assist you.
    Roger Lu
    TechNet Community Support

  • How do I get Thunderbird to use my military Cac Card (Smart Card) as my sign-in password for my AKO account?

    The army AKO email forces me to redo my password every month unless I use my Cac Card to sign in. How do I get Thunderbird to read my Cac Card and use that to sign into my ako email with? I have found a step-by-step process online (http://militarycac.com/files/Thunderbird_CAC_Digital_Signature.pdf) however when I get to the ActivClient download (step one) it tells me that installing ActivClient might make things not work. Is there an easy way to do this? Please help!

    Follow the guide in the pdf at the link below, it should fix the problem:
    http://enterprise-email.org/joint-knowledge-online-cac-login-troubleshooting/

  • Problem Signing Email with Digital Certificate from Smart Card, Outlook 2013

    Hi there, I'm the IT guy for a small company.  I've configured several people in the company to use their smart cards for email signing through Outlook 2013, but a few computers are giving me this error:
    "Microsoft Outlook cannot sign or encrypt this message because there are no certificates which can be used to send from the e-mail address '<e-mail address>'. Either get a new digital ID to use with this account, or use the Accounts button to send the message using an account that you have certificates for."
    I've been in the Trust Center, I see the signing and encrypting certificates. (SHA-1 and 3DES).  Yet when I try to sign, Outlook always fails on the error.
    For my computer, I was able to fix this by adding a "SupressNameChecks" DWORD set to 1 in the Registry under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook.  However, this fix is not working for the other people in the company.
    Any other ideas?  Really pulling my hair out on this one, I've tried everything I could find on the net it seems.

    Hi,
    Please check "E-mail name" under the section "Include this information in alternate subject name" on the Subject Name tab of the certificate template.
    We can export the entrust managed services root CA cert from a working machine and import into the trusted root store of a non-working machine. For detailed steps about it, please refer to:
    How To Import and Export Certificates So That You Can Use S/MIME in Outlook Web Access on Multiple Computers
    http://support.microsoft.com/kb/823503/en-us
    Hope it helps.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Windows 8.1 - Sign In Options

    Hi everyone,
    OK so I've deployed some new Lenovo tablets with Windows 8.1 Pro.
    After doing the latest round of updates, the sign in screen no longer defaults to the 'Local or Domain' account option.
    So users have to click on 'Sign In Options', then select the left key icon and then they can login with their domain accounts.
    The machines are of course added to our domain.
    Now as a public organisation, we won't be asking users to link their MS accounts to any Windows 8 / 8.1 machines.  I've had a quick look on the local Group Policy but can't find anything that will allow me to set the Local or Domain Account sign in option as the default.
    So my questions are:
    1)  How do I set the Windows 8.1 Sign In options to default to the 'Local or Domain Account' option?
    2)  Can I disable the Microsoft Account sign in option?
    Thanks for your help.
    Fahid

    Hi,
    For the first question, we might take a workaround: disable the "do not display the last user logon name" logon screen policy. This makes the last user name display on the logon screen. If the user logged in to the domain, then it will stay on the domain accounts.
    Regarding Microsoft account sign-in, we could block it using the "Accounts: Block Microsoft accounts" policy (available on Windows Server 2012 and Windows 8/8.1):
    GPO_name\Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
    More information, please see:
    Accounts: Block Microsoft accounts
    Also some workaround:
    How to block Microsoft accounts in Windows 8 without Server 2012
    Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    Best regards
    Michael Shao
    TechNet Community Support

  • Smart Card Problem in Java with server

    Hi everybody. I use smart card authentication to sign my web application which was deployed in Apache Tomcat, and I use servlet & JSP for developing this web application. When I deploy the application on the local machine there is no problem.
        public String getInfo(String password) {
            String certInfo = "";
            try {
                // PKCS#11 configuration file naming the smart card's native library
                String configName = "C:/smartcards/config/pkcs11.cfg";
                String PIN = password;
                Provider p = new sun.security.pkcs11.SunPKCS11(configName);
                Security.addProvider(p);
                ((SunPKCS11) p).logout();
                // Loading the keystore logs in to the token with the PIN
                KeyStore keyStore = KeyStore.getInstance("PKCS11");
                char[] pin = PIN.toCharArray();
                keyStore.load(null, pin);
                Enumeration aliasesEnum = keyStore.aliases();
                String alias = (String) aliasesEnum.nextElement();
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                certInfo += cert.toString();
            } catch (Exception e) {
                System.out.println(e.getMessage());
            }
            return certInfo;
        }
    The preceding method returns a String which was stored in the smart card when I pass the password of the smart card. If the password is wrong, the load fails.
    Then I deployed this web app on the server. When I run this app everything is ok when I am also connected to the server by remote desktop. When I close RDP I get a "Token has been removed" exception on the web server. How can I solve this problem? I also want to sign in to the app without a remote desktop connection.

    Use PreparedStatement and SimpleDateFormat classes
    http://onesearch.sun.com/search/onesearch/index.jsp?qt=%2BPreparedStatement+%2BSimpleDateFormat+&qp=siteforumid%3Ajava48&chooseCat=allJava&col=developer-forums&site=dev

  • Non-smart card with VDI3

    Hello.
    Several months ago I worked with VDI3 beta, and could not use the product without smart cards. I have 3000 users here at the University, and smart cards will never be an option in our environment (think about 18 year-olds being given a smart card, and how long it takes them to forget or lose it). Does VDI3 EA have the ability to assign VM's from simple user logins from LDAP/AD/etc/files accounts?
    regards,
    -damon

    Hi Damon,
    You can do that in VDI3 EA with LDAP/AD.
    You can assign any user to the desktop or may be the pool. After configuring VDI you'll get a SVDC login screen on Sunray DTU wherein this user can enter his username and password and get the session of assigned desktop.The user get an option to select between the pools/desktops in case of multiple assignments.
    Regards,
    --Chirag

  • Windows 8.1 default logon prompt for smart card instead of username/password

    Hello,
    We are currently in our pre-deployment test phase for Windows 8.1 and are trying to knock out the high visibility problems that we notice.  One of the issues we've noticed:
    When logging into Windows, the default prompt is for a username/password.  All of our users are using smart cards, so they have to click "sign-in options", click the smart card icon, and then enter their PIN.  How would I change the startup screen to default to smart card?
    Also, when locking the screen by removing the card it again prompts for the username/password when unlocking the screen.  So the users again have to click on "sign-in options" and select the smart card, otherwise they risk locking out their account by entering the PIN in the username/password field.
    When locking the screen via ctrl-alt-del or windows-L, unlocking does default to the smart card, so I know it can be done!
    thanks,
    -Nick

    Hi,
    I'm afraid we couldn't change the Sign-in Options order. I checked GP and Registry, and there is no way to do it.
    However, there is another way, which is just to enable "Require smart card" in GP. After this policy is enabled, all users will have to use smart cards to log on to the network. This means that the organization must have a reliable public key infrastructure (PKI) in place, and provide smart cards and smart card readers for all users.
    Location: GPO_name\Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
    Roger Lu
    TechNet Community Support

  • Problem signing certificates from external token (smart card)

    I can not sign PDF documents with an external token (smart card) through a card reader of a Cherry keyboard.
    The card drivers perfectly detect the card and certificates in it, however when trying to sign a certificate in Adobe and select the location of the certificate click in the option "A device attached to this computer" ... I get an error indicating that no device is connected to the computer appears.
    I have tried several different card readers, it seems a problem of drives because the middleware card recognizes all tested certificates readers, however it seems that Adobe is not able to find the card reader. It has happened with several teams. In one team made a clone and deploy it to another machine with the same hardware environment, the firm run properly in the pdf that clone, however on the original computer is not working.
    You have any idea what could be the problem? Thank you very much in advance.

    If the digital ID's corresponding public-key certificate is not getting added to either the Windows Certificate Store, or Mac Keychain Access when you plug the card into the card reader, then you need to load the PKCS#11 module via the Acrobat UI. The module will be a DLL on Windows or a bundle file on the Mac. The problem is there is no one file name to look for, you would need to consult the hardware's documentation to find the name of the file. Once you know the name you can add the P11 module from the Security Settings dialog and then Acrobat will then see the digital ID(s) loaded on the smart card.
    Steve

  • Error encountered while signing. Windows cryptographic service provider reported an error. Object not found. Error code:2148073489. Windows 7, Adobe Reader XI, Symantec PKI, Smart Card and CAC. I have seen other threads for this error but none have a reso

    Error encountered while signing. Windows cryptographic service provider reported an error. Object not found. Error code:2148073489. Windows 7, Adobe Reader XI, Symantec PKI, Smart Card and CAC. I have seen other threads for this error but none have a resolution. Any help would be appreciated.
    Sorry for the long title, first time poster here.

    This thread is pretty old, are you still having this issue?

  • How can I set the default sign in the mail accounts? thank you

    How can I set the default sign in the mail accounts? thank you

    From the Mail menu bar, select
    Mail ▹ Preferences ▹ Signatures
    Drag the signature to each of the desired accounts in the list on the left. If you want it to be the default signature added to all messages sent from that account, select the account, and then select from the Choose Signature menu at the bottom of the dialog.

  • Problem signing PDF from smart card - BouncyCastle, IAIK Wrapper, iText

    Hello!
    I need to sign and timestamp a PDF document with a smartcard. I'm using Java 1.6, iText to manage PDF, BouncyCastle to deal with cryptography and the free IAIK WRAPPER to access the smartcard.
    I've already searched the Internet to solve my problem, read the PDF specifications about the signature and followed snippets that should've worked, but after a couple of weeks I still don't have working code, not even for the signature. All the tries I made yield messages like "Signature has been corrupted" or "Invalid signature" (I can't remember the exact messages, but they're not in English anyway :D ) when I verify the signature in Adobe Reader.
    My first goal was to use an encapsulated signature, using filter Adobe.PPKLITE, subfilter adbe.pkcs7.sha1 and a DER-Encoded PKCS#7 object as content.
    Among the tries I made, I used code such as (I don't include all modifications, just the ones I deem closer to the right approach):
         // COMMON - START
         ///// selectedKey is a iaik.pkcs.pkcs11.objects.Key instance of the private key I'm taking from the SC
         RSAPrivateKey signerPrivKey=(RSAPrivateKey)selectedKey;
         CertificateFactory certificateFactory=CertificateFactory.getInstance("X.509");
         ///// correspondingCertificate is a iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate instance of the certificate I'm taking from the SC
         byte[] derEncodedCertificate=correspondingCertificate.getValue().getByteArrayValue();
         X509Certificate signerCert=(X509Certificate)certificateFactory.generateCertificate(new ByteArrayInputStream(derEncodedCertificate));
         Provider provider=new BouncyCastleProvider();
         Security.addProvider(provider);
         ///// session is an instance of iaik.pkcs.pkcs11.Session
         session.signInit(Mechanism.SHA1_RSA_PKCS, signerPrivKey);
         File theFile = new File("C:\\toSign.pdf");
         FileInputStream fis = new FileInputStream(theFile);
         byte[] contentData = new byte[(int) theFile.length()];
         fis.read(contentData);
         fis.close();          
         PdfReader reader = new PdfReader(contentData);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         PdfStamper stp = PdfStamper.createSignature(reader, baos, '\0');
         PdfSignatureAppearance sap = stp.getSignatureAppearance();
         // COMMON - END
         java.security.cert.X509Certificate[] certs=new java.security.cert.X509Certificate[1];
         CertificateFactory factory=CertificateFactory.getInstance("X.509");          
         certs[0]=(X509Certificate)factory.generateCertificate(new ByteArrayInputStream(correspondingCertificate.getValue().getByteArrayValue()));
         sap.setSignDate(new GregorianCalendar());
         sap.setCrypto(null, certs, null, null);
         sap.setReason("This is the reason");
         sap.setLocation("This is the Location");
         sap.setContact("This is the Contact");
         sap.setAcro6Layers(true);
         PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_SHA1);
         dic.setDate(new PdfDate(sap.getSignDate()));
         dic.setName(PdfPKCS7.getSubjectFields((X509Certificate)certs[0]).getField("CN"));
         sap.setCryptoDictionary(dic);
         int csize = 4000;
         HashMap exc = new HashMap();
         exc.put(PdfName.CONTENTS, new Integer(csize * 2 + 2));
         sap.preClose(exc);
         MessageDigest md = MessageDigest.getInstance("SHA1");
         InputStream s = sap.getRangeStream();
         int read = 0;
         byte[] buff = new byte[8192];
         while ((read = s.read(buff, 0, 8192)) > 0)
              md.update(buff, 0, read);
         byte[] signature=session.sign(buff);
         CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
         ArrayList list = new ArrayList();
         for (int i = 0; i < certs.length; i++)
              list.add(certs);
         CertStore chainStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(list), provider);
         generator.addCertificatesAndCRLs(chainStore);
         CMSProcessable content = new CMSProcessableByteArray(md.digest());
         CMSSignedData signedData = generator.generate(CMSSignedDataGenerator.ENCRYPTION_RSA, content, true, provider);
         byte[] pk = signedData.getEncoded();
         byte[] outc = new byte[csize];
         PdfDictionary dic2 = new PdfDictionary();
         System.arraycopy(pk, 0, outc, 0, pk.length);
         dic2.put(PdfName.CONTENTS, new PdfString(outc).setHexWriting(true));
         sap.close(dic2);
         File newOne = new File("C:\\signed.pdf");
         FileOutputStream fos = new FileOutputStream(newOne);
         fos.write(baos.toByteArray());
         fos.close();
    I figured this is the right approach, but I need a way to generate the CMSSignedData instance, which can't be done using addSigner (the only documented way I found), since the private key is not extractable from a smart card...
    Then I decided to give up and try with a detached signature:
         // COMMON - START
         // Same as above
         // COMMON - END
         sap.setSignDate(new GregorianCalendar());
         java.security.cert.X509Certificate[] certs=new java.security.cert.X509Certificate[1];
         CertificateFactory factory=CertificateFactory.getInstance("X.509");          
         certs[0]=(X509Certificate)factory.generateCertificate(new ByteArrayInputStream(correspondingCertificate.getValue().getByteArrayValue()));
         sap.setCrypto(null, certs, null, PdfSignatureAppearance.SELF_SIGNED);
         sap.setSignDate(java.util.Calendar.getInstance());
         sap.setExternalDigest (new byte[8192], new byte[20], "RSA");
         sap.preClose();
         MessageDigest messageDigest = MessageDigest.getInstance ("SHA1");
         byte buff[] = new byte[8192];
         int n;
         InputStream inp = sap.getRangeStream ();
         while ((n = inp.read (buff)) > 0)
              messageDigest.update (buff, 0, n);
         byte hash[] = messageDigest.digest();
         byte[] signature=session.sign(hash);
         PdfSigGenericPKCS sg = sap.getSigStandard ();
         PdfLiteral slit = (PdfLiteral)sg.get (PdfName.CONTENTS);
         byte[] outc = new byte[(slit.getPosLength () - 2) / 2];
         PdfPKCS7 sig = sg.getSigner ();
         sig.setExternalDigest (session.sign(hash), hash, "RSA");
         PdfDictionary dic = new PdfDictionary ();
         byte[] ssig = sig.getEncodedPKCS7();
         System.arraycopy (ssig, 0, outc, 0, ssig.length);
         dic.put (PdfName.CONTENTS, new PdfString (outc).setHexWriting(true));
         sap.close (dic);
         File newOne = new File("C:\\signed.pdf");
         FileOutputStream fos = new FileOutputStream(newOne);
         fos.write(baos.toByteArray());
         fos.close();
    I'm still stuck to the signature process, can anyone please tell me what I'm doing wrong and help me (snippets would be deeply appreciated), maybe even changing approach in order to be able to add a digital timestamp?
    Thank you very much in advance!
    PS: I had also tried to use the SunPKCS11 provider to access the smart card, I gave up for similar problems, but if someone has suggestions using it, they're welcome! :D

  • Signing with Smart Card (PKCS#11)

    I'm trying to sign my .jar with ActivCard smart card and jarsigner.exe, but I got NullPointerException. I have succeeded to get list of certificates present on smart card. Is there a better PKCS#11 provider than sun.security.pkcs11.SunPKCS11?

    I receive the following error message when trying to sign a jar file using a PKI card:
    jarsigner: Certificate chain not found for: Random.  Random must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
    This is the command line:
    "C:\Program Files\Java\jdk1.5.0_04\bin\jarsigner" -keystore NONE -storetype PKCS11 -signedjar D:\Work_Java\Random\sRandom.jar -verbose D:\Work_Java\Random\Random.jar Random
    What does this mean?
