Unable to upload signed files to repository

[angel-miralles]

After installing the add-on we can sign pdf files using Autofirma applet and upload new, non signed, pdf files to repository but when we try to upload signed files we recieve the error

2018-05-30 12:15:12,709 ERROR [org.springframework.extensions.webscripts.AbstractRuntime] [ajp-apr-8009-exec-21] Exception from executeScript: 04300145 Failed to execute transaction-level behaviour public abstract void org.alfresco.repo.node.NodeServicePolicies$OnCreateNodePolicy.onCreateNode(org.alfresco.service.cmr.repository.ChildAssociationRef) in transaction 2055e7d8-bc1f-461d-b5c2-d684daad2539 org.alfresco.error.AlfrescoRuntimeException: 04300145 Failed to execute transaction-level behaviour public abstract void org.alfresco.repo.node.NodeServicePolicies$OnCreateNodePolicy.onCreateNode(org.alfresco.service.cmr.repository.ChildAssociationRef) in transaction 2055e7d8-bc1f-461d-b5c2-d684daad2539

Can you advice?

[angelborroy-ks]

Can you paste or attach the full stack trace?

What Alfresco version and alfresco-esign-cert version are you using?

[angel-miralles]

Hi, I am using Alfresco Community 5.2 and esign-cert 1.6.2 I attach log

Thanks for the support alfresco.log

[angelborroy-ks]

Short Story

We've released a new version to patch this issue. Please, upgrade your installation by using

https://github.com/keensoft/alfresco-esign-cert/releases/tag/1.7.0

And tell us if the issue has been solved.

Short Story Long

Previous iText dependency in esign-cert-repo module was 5.0.6, so it was also including Bouncy Castle 1.38 artifacts (as this addon was developed originally for Alfresco 5.0.d).

As Alfresco 201707 includes Bounce Castle 1.46, the server can randomly pick 1.38 or 1.46. When picking 1.46, the field id_pkix_ocsp_basic didn't existed for OCSPObjectIdentifiers class.

We've upgraded iText dependency to 5.1.3 to match Bouncy Castle dependencies and to avoid this conflicting deployment.

As side effect, alfresco-esign-cert 1.7.0 will only run with Alfresco 201707, as Alfresco 6 will upgrade Bouncy Castle to 1.59.

[angel-miralles]

The issue is fixed with this new release

Muchas gracias por todo

[angel-miralles]

Sorry to reopen this issue but, although we can upload signed pdf files using a certificate without error, we have a similar error when uploading a pdf file signed by a time stamp sever. I attach the log.

Thanks for the support log_error.txt

[angelborroy-ks]

Probably you uninstalled incorrectly previous version of this addon.

Can you provide the output of a command like following?

/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/lib# ls bc*
bcel-6.0-RC3.jar       bcmail-jdk15-1.46.jar  bcprov-jdk15-1.46.jar

[angel-miralles]

I have a virtual machine and reverted to saved snapshot generated prior to installing 1.6.2 Anyway this is the command output

root@debian:/opt/bitnami/apache-tomcat/webapps/alfresco/WEB-INF/lib# ls bc* bcel-6.0-RC3.jar bcmail-jdk15-1.46.jar bcprov-jdk15-1.46.jar

[angelborroy-ks]

Sorry to bother you with my guess about the cause of the problem, just trying to help.

Alfresco does not include TSA Bouncy Castle Library out-of-the-box, so any signature including a TimeStamp is not validated.

You can download manually the library at https://mvnrepository.com/artifact/org.bouncycastle/bctsp-jdk15/1.46 and include it wherever you want (share libs, app lib...)

This issue has nothing to see with original issue #43

[angel-miralles]

No worries. You are right, it is not the same issue. I rushed into assessing it was related to the add-on.

Thanks for the support

[jrbrasil]

No worries. You are right, it is not the same issue. I rushed into assessing it was related to the add-on.

Thanks for the support

Hi angel-miralles, I have this same problem. What did you do to solve it? Thanks.