Adds support for intermediate certificates in PDF document signing

felixble commented 6 months ago

Implements the ability to include intermediate certificates for establishing the trust chain when signing PDF documents. Supports the default behaviour of *.p12 files containing intermediate certificates in extracerts attribute.

I had the following files:

certificate.cer - my certificate
private.key - private key for the certificate
intermediate.cer - intermediate certificate needed for establishing the trust chain to the trusted root certificate

I created a p12 file with the following command:

openssl pkcs12 -export -out your_combined_cert.p12 -inkey private.key -in certificate.cer -certfile intermediate.cer

When reading the p12 file the array stored PDFDoc::$_certificate contains an additional attribute extracerts which contains the intermediate certificate.

With these changes the extracerts will be taken into account.

dealfonso commented 5 months ago

Hi,

thank you for your help... I'll check this PR.

dealfonso commented 1 week ago

the new TSA and LTV support in PR #70 makes new changes that include the intermediate certificates

dealfonso / sapp

Adds support for intermediate certificates in PDF document signing #61