Certifies
the specified signature field that is located in the PDF document
by using the security credential that corresponds to the specified
alias. You can apply a certifying signature only if the PDF document
does not already contain other digital signatures. The alias must
map to a valid credential that is already located in Trust Store
Management. (See
Trust Store Management Help
.)
For example, your application must apply certification signature
to multiple PDF forms before saving them to network location. The
PDF document has a an existing signature field on it. The certification
signature must allow a user to sign and fill in the form but not
add or remove pages from it. You use the Certify operation to add
the certification signature before it is saved to a network location
during runtime.
Any combination of encrypting, certifying, and applying usage
rights to the same document must occur within a short-lived process
and must occur in the following order:
-
Encrypt (
Encryption
service
or the
Apply policy operation (deprecated)
operation of the Rights Management service)
-
Certify PDF
-
Apply Usage Rights operation
(Reader Extensions service)
You can also certify a PDF package. The cover sheet in a certified
PDF package can be an interactive form; however, the files contained
in the package must not be interactive. The certification for a
PDF package becomes compromised if any of the component files are
modified, even if the component file’s certification allows form
fill-in.
To create a certified PDF package, apply operations in the following
order. These services must be invoked within a short-lived process:
-
(Optional) For each document to be contained in the PDF package,
encrypt, or policy-protect, and then certify. The files in the PDF package
cannot be interactive forms; therefore, do not apply usage rights.
-
Assemble the PDF package.
-
(Optional) Encrypt or policy-protect the PDF package.
-
Certify the PDF package.
-
Apply usage rights to the PDF package.
You can also create a process that consumes component files that
are already encrypted, policy-protected, or certified. If any of
the component files consumed by your process are encrypted or policy-protected,
ensure that your DDX file defines them. You design the DDX file
so that the Assembler service does not have to open the component
files. To prevent opening component files, use the DDX
PackageFiles
source
element instead of the DDX
PackageFiles
filter
element in the DDX file.
For information about the General and Route Evaluation property
groups, see
Common operation properties
.
Common properties
Properties to specify the PDF document, credential, and
other certification values.
Input PDF
A
document
value
that represents the PDF document to certify.
If you provide
a literal value, clicking the ellipsis button opens the Select Asset
dialog box. (See
About Select Asset
.)
When you provide a PDF document that
has signature fields that are signed, it populates the Signature
Field Name property as a list. The list contains fully qualified
names of the signature fields in the PDF document. If the document
is signed, an exception is thrown because a certification signature
must be the first signature in the PDF document.
Certifying Credential
A
Credential
value
that represents the security credential that is used to sign the
PDF document.
If you provide a literal value, you can configure
the following options.
-
Use SPI:
-
Select this option to use the credentials from the SPI. When
this option is deselected, local credentials are used. By default,
the option is deselected.
-
Alias:
-
Sets an alternative name for a credential managed by the
Signature service. By default, a list of all signing credentials
is provided. The list of credentials is comprised of Local and HSM
credentials configured in Trust Store on the LiveCycle server.
-
SPI Name:
-
Sets the name of the SPI that is provided to the Signature
service. The SPI is used to extend the digital signatures functionality
when credentials are not exposed to the LiveCycle server. This option
is available when the Use SPI option is selected. No default value
is provided.
-
Certificate:
-
Sets the location of the certificate on the file system.
No default value is provided. This option is available when the Use
SPI option is selected. No default value is provided.
When
you click the ellipsis button
, the
Open dialog box opens. In the dialog box, you can select a file
from your computer or from a network location. During run time,
if you selected a file from a location on your computer, it must
exist in the same location on the LiveCycle server.
-
SPI Properties:
-
Sets the location of the properties file to pass custom inputs
to an implementation of the SPI. This option is available when the
Use SPI option is selected. No default value is provided.
If
you provide a literal value, clicking the ellipsis button
opens
the SPI properties dialog box. (See
SPI Properties
.) In the dialog box, add, remove, and edit
the keys and values for each SPI property. The SPI implementation
determines the keys that you provide. For information about creating
custom service providers, see
Programming with LiveCycle ES2.5
.
Signature Field Name
(Optional) A
string
value
that represents the name of the signature field in the PDF document
that is signed. Before a PDF document can be signed, the signature
field must exist, be unsigned, and have permissions for signing.
The fully qualified name of the signature field is specified. If
the signature field name is not specified, the Signature service
adds an invisible signature field with an automatically generated
name.
When using a PDF document based on a form created in
Designer, the partial name of the signature field can also be used.
For example,
form1[0].#subform[1].SignatureField3[3]
can
be specified as
SignatureField3[3]
. If multiple signature
fields exist with a similar partial name, the first signature field enumerated
with the same partial name is signed. It is recommended that a fully qualified
name is used to avoid these situations.
If you provide a
literal value for the Signature Field Name property and a literal
value is provided in the Input PDF property, a list appears. Select
one of the values from the list of fully qualified names. Each fully
qualified name represents a signature field in the provided PDF
document.
Document MDP Permissions
(Optional) An
MDPPermissions
value
that represents the permissions that control the actions an end
user can perform on a document without making the certification
signature invalid.
If you provide a literal value, select
one of these values:
-
No Changes Allowed:
No
changes to the document are permitted. Any change invalidates the
signature.
-
Form Fill-in and Digital Signatures:
Permitted changes include
filling in forms, instantiating page templates, and signing.
-
Annotations, Form Fill-in, and Digital Signatures:
Permitted
changes include filling in forms and instantiating page templates, as
well as creating, deleting, and modifying annotations.
Digest Hashing Algorithm
(Optional)
A
HashAlgorithm
value that
represents the hash algorithm that is used to digest the PDF document.
If
a literal value is provided, select one of these values:
-
SHA1:
-
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
-
(Default) The Secure Hash Algorithm that has a 256-bit hash
value.
-
SHA384:
-
The Secure Hash Algorithm that has a 384-bit hash value.
-
SHA512:
-
The Secure Hash Algorithm that has a 512-bit hash value.
-
RIPEMD160:
-
The RACE Integrity Primitives Evaluation Message Digest that
has a 160-bit message digest algorithm and is not FIPS-compliant.
Embed Revocation Information
(Optional) A
boolean
value
that specifies whether revocation checking is performed for the
signer's certificate. If revocation checking is done, it is embedded
in the signature and then used during validation. It also enables
the PDF file to be stored for long-term validation. A value of
False
means
that revocation-checking is not performed and the values for the
OCSP Options Spec property cannot be modified. The default value
is
True
, which means that revocation checking is
performed and the values for the OCSP Options Spec property can
be modified.
If a literal value is provided, by default, the
option is selected. When selected, it means that revocation checking
is not performed and the values for the OCSP Options Spec property
cannot be modified. When the option is deselected, it means that
revocation checking is not performed and the values for the OCSP Options
Spec property cannot be modified.
Lock Certifying Signature Field
(Optional) A
boolean
value
that specifies whether the signature field is locked after it is
used to certify the document. If the field is locked, the signature
field cannot be modified or cleared without the certifying credential.
The default setting is
False
, which means the signature
field is not locked.
If the Process Documents With Acrobat
9 Compatibility service configuration property is selected, the
signature field is locked. (See
Signature service configuration
.)
If a literal value is provided, by
default, the option is selected. When selected, it means that the
signature field is locked. When the option is deselected, it means
that the signature fields are not locked.
Appearance properties
Properties to set the appearance of the certification.
Reason
(Optional)
A
string
value
that represents the reason for signing the PDF document.
If
you provide a literal value, type a string or choose one of the
following values:
-
I am the author of this document
-
I have reviewed this document
-
I am approving this document
-
I attest to the accuracy and integrity of this document
-
I agree to the terms defined by the placement of my signature
on this document
-
I agree to the specified portions of this document
Location
(Optional)
A
string
value
that represents the location of the signer.
Contact Information
(Optional) A
string
value
that represents the contact information, such as an address and
a telephone number, of the person who signed the PDF document.
Legal Attestation
(Optional) A
string
value
that represents an additional explanation of the content that generates
warnings. For more information on legal attestations, see the
PDF Reference
.
Appearance Options Spec
(Optional)
A
PDFSignatureAppearanceOptionSpec
value
that represents options for the signature appearance. If you provide
a literal value, specify the following options.
-
Signature Type:
-
Sets the appearance type of the signature. The default value
is Name. Select one of these values:
-
No Graphic:
The
appearance of the signature consists of only the signature text.
-
Graphic:
The appearance of the signature consists
of a graphic area and a text area. The graphic area displays the
PDF document specified by the Graphic PDF Document option. The text
area displays the signature text.
-
Name:
The appearance of the signature consists of
a graphic area and a text area. The graphic area displays a graphic
of the name of the signer and the text area displays the signature text.
-
Graphic PDF Document:
-
Sets the graphic that is displayed within the signature if
a signature type of Graphic is used. Only a PDF file can be used.
This option can be set if Graphic is selected in the Signature Type list.
When
you click the ellipsis button
, the
Open dialog box opens. In the dialog box, you can select a file
from your computer or from a network location. During run time,
if you selected a file from a location on your computer, it must
exist in the same location on the LiveCycle server.
-
Use Default Adobe PDF Logo:
-
Select this option to display the default Adobe PDF logo
within the signature appearance. When this option is deselected,
the Adobe PDF logo is not displayed. By default, the option is selected.
-
Logo PDF Document:
-
Sets a PDF document to display within the signature appearance.
The PDF document contains an image to display. This option can be
set when the Use Default Adobe PDF Logo option is deselected.
When
you click the ellipsis button, the Open dialog box opens. In the
dialog box, you can select a file from your computer or from a network
location. During run time, if you selected a file from a location
on your computer, it must exist in the same location on the LiveCycle
server.
-
Logo Opacity:
-
Sets the opacity of the logo that is displayed within the
signature. Valid values are from
0.0
(fully transparent)
to
1.0
(fully opaque). Can be set only if Use Default
Adobe PDF Logo is deselected. If any value outside this range is specified,
the default of
0.50
is used.
-
Text Direction:
-
Sets the direction of the text displayed within the signature.
The default value is Auto. Select one of these values:
-
Auto:
Use the direction specified by the PDF document.
-
Left:
The text direction is left to right.
-
Right:
The text direction is right to left.
-
Show Name:
-
Select this option to display the name of the signer in the
digital signature. When this option is deselected, the name of the
signer is not displayed. By default, the option is selected.
-
Show Date:
-
Select this option to display the date the PDF document was
signed in the digital signature. When this option is deselected,
the date is not displayed. By default, the option is selected.
-
Show Reason:
-
Select this option to display the reason the PDF document
was signed in the digital signature. When this option is deselected,
the reason is not displayed. By default, the option is selected.
-
Show Location:
-
Select this option to display the location the PDF document
was signed in the digital signature. When this option is deselected,
the location is not displayed. By default, the option is selected.
-
Show Distinguished Name:
-
Select this option to display the certificate of the signer
in the digital signature. When this option is deselected, the certificate
is not displayed. By default, the option is selected.
-
Show Labels:
-
Select this option to display the labels for the preceding
display items. When this option is deselected, the labels for the
preceding display items are not displayed. By default, the option
is selected.
Advanced properties
Properties for setting optional advanced parameters. The
OCSP Options Spec and CRL Options Spec properties can be modified
when the
Embed Revocation Information
for this operation is set to
True
.
OCSP Options Spec
(Optional)
An
OCSPOptionSpec
value
that represents settings for using Online Certificate Status Protocol
(OCSP) revocation checking. To provide a literal value, specify
the following options.
URL to Consult Option:
Sets
the list and order of the OCSP servers used to perform the revocation
check. Select one of these values:
-
UseAIAInCert:
-
(Default) Use the URL of an online certificate status protocol
server specified in the Authority Information Access (AIA) extension
in the certificate. The AIA extension is used to identify how to
access certificate authority (CA) information and services for the
issuer of the certificate.
-
LocalURL:
-
Use the specified URL for the OCSP server specified in the
OCSP Server URL option.
-
UseAIAIfPresentElseLocal:
-
Use the URL of the OCSP server specified in the AIA extension
in the certificate if present. If the AIA extension is not present
in the certificate, use the URL that is configured in the OCSP Server
URL.
-
UseAIAInSignerCert:
-
Use the URL of the OCSP server specified in the AIA extension
in the OCSP request of the signer certificate.
-
OCSP Server URL:
-
Sets the URL of the configured OCSP server. The value is
used only when the LocalURL or UseAIAIfPresentElseLocal values are
in URL To Consult Option.
-
Revocation Check Style:
-
Sets the revocation-checking style that is used for verifying
the trust status of the CRL provider’s certificate from its observed
revocation status. Select one of these values:
Sets
the URL of the configured OCSP server. The value is used only when
the LocalURL or UseAIAIfPresentElseLocal values are in URL To Consult
Option.
Revocation Check Style:
Sets the revocation-checking
style that is used for verifying the trust status of the CRL provider’s
certificate from its observed revocation status. Select one of these
values:
-
NoCheck:
-
Does not check for revocation.
-
BestEffort:
-
Checks for revocation of all certificates when possible.
-
CheckIfAvailable:
-
(Default) Checks for revocation of all certificates only
when revocation information is available.
-
AlwaysCheck:
-
Checks for revocation of all certificates.
-
Max Clock Skew Time (Minutes):
-
Sets the maximum allowed skew, in minutes, between response
time and local time. Valid skew times are
0
-
2147483647
min. The
default value is
5
min.
-
Response Freshness Time (Minutes):
-
Sets the maximum time, in minutes, for which a preconstructed
OCSP response is considered valid. Valid response freshness times
are
1
-
2147483647
min. The default
value is
525600
min. (one year).
-
Send Nonce:
-
Select this option to send a nonce with the OCSP request.
A
nonce
is a parameter that varies with time. These parameters
can be a timestamp, a visit counter on a web page, or a special
marker. The parameter is intended to limit or prevent the unauthorized replay
or reproduction of a file. When the option deselected, a nonce is
not sent with the request. By default, the option is selected.
-
Sign OCSP Request:
-
Select this option to specify that the OCSP request must
be signed. When the option is deselected, the OCSP request does
not need be signed. By default, the option deselected.
-
Request Signer Credential Alias:
-
Sets the credential alias used for signing the OCSP request
when signing is enabled.
-
Go Online for OCSP:
-
Select this option to access the network for OCSP information.
The network can be accessed to retrieve OCSP information for OCSP
checking. The LiveCycle server uses embedded and cached OCSP information
when possible to reduce the amount of network traffic generated
due to OCSP checking. When the option is deselected, OCSP checking
is not retrieved from the network, and only embedded and cached
OCSP information is used. By default, the option is selected.
-
Ignore Validity Dates:
-
Select this option to use the OCSP response thisUpdate and
nextUpdate times. Ignoring these response times prevents any negative
effect on response validity. The thisUpdate and nextUpdate times
are retrieved from external sources by using HTTP or LDAP, and can
be different for each revocation information. When the option is
deselected, the thisUpdate and nextUpdate times are ignored. By
default, the option is deselected.
-
Allow OCSP NoCheck Extension:
-
Select this option to allow an OCSPNoCheck extension in the
response signing certificate. An OCSPNoCheck extension can be present
in the OCSP Responder’s certificate to prevent infinite loops from
occurring during the validation process. When the option is deselected,
the OCSPNoCheck extension is not used. By default, the option is
selected.
-
Require OCSP ISIS-MTT CertHash Extension:
-
Select this option to specify that certificate public key
hash (CertHash) extensions must be present in OCSP responses. This
extension is required for SigQ validation. SigQ compliance requires
the CertHash extension to be in the OCSP responder certificate.
Select this option when processing for SigQ compliance and supported
OCSP responders. When the option is deselected, the CertHash extension
presence in the OCSP response is not required. By default, the option
is deselected.
Sets the maximum allowed
skew, in minutes, between response time and local time. Valid skew
times are
0
-
2147483647
min.
The default value is
5
min.
Response Freshness
Time (Minutes):
Sets the maximum time, in minutes, for which
a preconstructed OCSP response is considered valid. Valid response
freshness times are
1
-
2147483647
min.
The default value is
525600
min. (one year).
Send
Nonce:
Select this option to send a nonce with the OCSP request.
A
nonce
is a parameter that varies with time. These parameters
can be a timestamp, a visit counter on a web page, or a special
marker. The parameter is intended to limit or prevent the unauthorized
replay or reproduction of a file. When the option deselected, a
nonce is not sent with the request. By default, the option is selected.
Sign
OCSP Request:
Select this option to specify that the OCSP
request must be signed. When the option is deselected, the OCSP
request does not need be signed. By default, the option deselected.
Request
Signer Credential Alias:
Sets the credential alias used for
signing the OCSP request when signing is enabled.
Go Online
for OCSP:
Select this option to access the network for OCSP
information. The network can be accessed to retrieve OCSP information
for OCSP checking. The LiveCycle server uses embedded and cached
OCSP information when possible to reduce the amount of network traffic
generated due to OCSP checking. When the option is deselected, OCSP
checking is not retrieved from the network, and only embedded and
cached OCSP information is used. By default, the option is selected.
Ignore
Validity Dates:
Select this option to use the OCSP response
thisUpdate and nextUpdate times. Ignoring these response times prevents
any negative effect on response validity. The thisUpdate and nextUpdate
times are retrieved from external sources by using HTTP or LDAP,
and can be different for each revocation information. When the option
is deselected, the thisUpdate and nextUpdate times are ignored.
By default, the option is deselected.
Allow OCSP NoCheck Extension:
Select
this option to allow an OCSPNoCheck extension in the response signing
certificate. An OCSPNoCheck extension can be present in the OCSP Responder’s
certificate to prevent infinite loops from occurring during the validation
process. When the option is deselected, the OCSPNoCheck extension is
not used. By default, the option is selected.
Require OCSP
ISIS-MTT CertHash Extension:
Select this option to specify
that certificate public key hash (CertHash) extensions must be present
in OCSP responses. This extension is required for SigQ validation.
SigQ compliance requires the CertHash extension to be in the OCSP
responder certificate. Select this option when processing for SigQ compliance
and supported OCSP responders. When the option is deselected, the CertHash
extension presence in the OCSP response is not required. By default, the
option is deselected.
CRL Options Spec
(Optional)
A
CRLOptionSpec
value that
represents the certificate revocation list (CRL) preferences when
CRL is used to perform revocation checking. If you provide a literal
value, specify the following options.
-
Consult
Local URI First:
-
Select this option to use the CRL location provided as a
local URI before any specified locations within a certificate. The
CRL location provided is used for revocation checking. When this
option is selected, it means the local URI is used first. When this
option is deselected, the locations specified in the certificate
before using the local URI are used. By default, the option is deselected.
-
Local URI for CRL Lookup:
-
Sets the URL for the local CRL store. This value is used
only if the Consult Local URI First option is selected. No default
value is provided.
-
Revocation Check Style:
-
Sets the revocation-checking style used for verifying the
trust status of the CRL provider’s certificate from its observed
revocation status. Select one of these values:
-
NoCheck:
Does
not check for revocation.
-
BestEffort:
(Default) Checks for revocation of all
certificates when possible.
-
CheckIfAvailable:
Checks for revocation of all certificates only
when revocation information is available.
-
AlwaysCheck:
Checks for revocation of all certificates.
-
LDAP Server:
-
Sets the URL or path of the Lightweight Directory Access
Protocol (LDAP) server used to retrieve information about the certificate
revocation list (CRL). The LDAP server searches for CRL information
using the distinguished name (DN) according to the rules specified
in
RFC 3280
, section 4.2.1.14. For example,
you can type
www.ldap.com
for the URL or
ldap://ssl.ldap.com:200
for
the path and port. No default value is provided.
-
Go Online for CRL Retrieval:
-
Select this option to access the network to retrieve CRL
information. CRL information is cached on the server to improve
network performance. CRL information is retrieved online only when
necessary. When this option is deselected, CRL information is not retrieved
online. By default, the option is selected.
-
Ignore Validity Dates:
-
Select this option to use thisUpdate and nextUpdate times.
Ignoring the response’s thisUpdate and nextUpdate times prevents
any negative effect on response validity. The thisUpdate and nextUpdate
times are retrieved from external sources by using HTTP or LDAP
and can be different for each revocation information. When the option
is deselected, the thisUpdate and nextUpdate time are ignored. By default,
the option deselected.
-
Require AKI Extension in CRL:
-
Select this option to specify that the Authority Key Identifier
(AKI) extension must be present in the CRL. The AKI extension can
be used for CRL validation. When this option is deselected, the
presence of the AKI extension the CRL is not required. By default,
the option is deselected.
TSP Options Spec
(Optional)
A
TSPOptionSpec
value that
represents the settings that define timestamp information applied
to the certified signature.
If you provide a literal value,
specify the following options.
-
Time Stamp Server
URL:
-
Sets the URL for a TSP server. If no value is provided, the
timestamp from the local system is applied. No default value is
provided.
-
Time Stamp Server Username:
-
Sets the user name, if necessary, for accessing the TSP server.
No default value is provided.
-
Time Stamp Server Password:
-
Sets the password for the user name, if necessary, for accessing
the TSP server. No default value is provided.
-
Time Stamp Server Hash Algorithm:
-
Sets the hash algorithm used to digest the request sent to
the timestamp provider. Select one of these values:
-
SHA1: (Default)
-
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
-
The Secure Hash Algorithm that has a 256-bit hash value.
-
SHA384:
-
The Secure Hash Algorithm that has a 384-bit hash value.
-
SHA512:
-
The Secure Hash Algorithm that has a 512-bit hash value.
-
RIPEMD160:
-
The RACE Integrity Primitives Evaluation Message Digest that
has a 160-bit message digest algorithm and is not FIPS-compliant.
-
Predicted Time Stamp Token Size (In Bytes):
-
Sets the estimated size, in bytes, of the TSP response. The
size is used to create a signature hole in the PDF document. This
value represents the maximum size of the timestamp response that
the configured TSP could return. Configuring an undersized value
can cause the operation to fail; however, configuring an oversized
value causes the size to be larger than necessary. It is recommended
that this value is not modified unless the timestamp server requires
a response size to be less than 4096 bytes. Valid values are from
60
to
10240
.
The default value is
4096
.
-
Send Nonce:
-
Select this option to send a nonce with the request. A
nonce
is
a parameter that varies with time. These parameters can be a timestamp,
a visit counter on a web page, or a special marker. The parameter
is intended to limit or prevent the unauthorized replay or reproduction
of a file. When the option deselected, a nonce is not sent with
the request. By default, the option is selected.
Output properties
Property to specify the certified PDF document.
Output PDF
The location in the process data model to store the
certified PDF document. The data type is
document
.
This PDF document is new and the input PDF document is not modified.
|
|
|