search

intoolswetrust / jsignpdf

PDF signing software written in Java. It supports visible signatures, timestamping, certificate verification and many other cool features
https://intoolswetrust.github.io/jsignpdf/
Other
310 stars 120 forks source link

Show time/date on signature #114

Open test2a opened 2 years ago

test2a commented 2 years ago

Currently I am only able to either show name or description on the visible signature but not time of signing as say adobe reader does when it creates a signature.

I had to explain this to a few people that indeed these two were same signatures but people assume unless the signature doesn't look like one made by adobe, it isn't valid.

This would be a totally cosmetic change, allow users to Alps show time of signing on the sign itself along with name and description.

JohnPlanetary commented 1 year ago

I don't have problems with signing PDF files, they show the time of signature, but your need to setup/ configure the part of the program that applies the Secure Time Stamp (TSA). Check the "Advanced mode", then click on "TSA/OCSP/CRL" then select the option "Use the timestamp server", in the "URL TSA" you can enter your timestamp URL (if you have none you can use for example: http://timestamp.digicert.com ), use without authentication unless the timestamp provider gives your credentials to access the service (usually in paid services), in the Hash algorithm 99% of the services support the best: SHA512 , if it gives error try: SHA256 Activate "OCSP" option (don't enter the OCSP URL unless your provider gives one to use in these kind of applications... usually the JSignPDF will get that info from the certificates), Activate "CRL" (these may make the files very big! It will depend on the certificate authority your are using. Your may try to see if just "OCSP" is necessary, to know that, just select "OCSP" first and don't select "CRL" and sign some random PDF file to see in the properties of the digital signature if it is enabled for "LTV" (Long Term Validation) if not, your need to also enable the "CRL").

The examples in image are in Portuguese language but things in other languages should be in the same positions:

Bellow how to configure the Secure Time Stamp:

1 (8. option will make the PDF file size very big, if only using option 7. "OCSP" is enough to activate "LTV" (Long Term Validation) on the PDF files (check after signing in the Adobe Acrobat Reader for that information), then leave option 8. "CRL" disabled, otherwise leave it selected for the "LTV" status to be enabled. It depends on the certificate authority that provides your certificate if they support "OCSP" properly in all the chain from intermediate certificate to your certificate in the end or not.)

Bellow how to configure to present the information like Adobe Acrobat Reader does:

2 (10. is "Only description")

PDF file signed with JSignPDF 2.2.0. I have used a test certificate just for these demonstration, your need to trust it manually in order to confirm it really works properly in adobe. test_signed.pdf

Here how it looks like: 3