Closed mvilloldo closed 6 years ago
rouxemmanuel
commented
8 years ago Hi,
I'm not an expert on Active Directory, but if you succeed in generating a cert file from your AD with the right format for the digital signing plugin, you'll can import this file in the plugin.
Regards, Emmanuel
mvilloldo
commented
8 years ago Emmanuel thank you for your answer,
I found in the other issues that the Alias was missing from the cert, is this a required field? if so, are there any others?
I compared the cert that I was able to generate with openssl with the one generate by the guy administering the CA in our company and I noticed that the Alias field was empty from his cert, so I ask to generate a new one(Im still waiting for the cert). I also noticed differences with the encryption algorithm
this is what I have found, are the differences preventing me from importing the cert?
This is the cert from the CA Signature algorithm sha256RSA Signature hash algorithm sha256
And this is my cert generated from openssl Signature algorithm sha1RSA Signature hash algorithm sha1
Public key RSA (2018 Bits) both certs have this value
Regards
Mauro.
Adam-Michalski
commented
7 years ago Hi, I have problem with generating cert for this plugin. keyAlgorithm is missing.
10300003 Wrapped Exception (with status template): 10300020 Error during processing of the template 'The following has evaluated to null or missing: ==> signingKey.properties["dgtsgn:keyAlgorithm"] [in template "org/alfresco/plugin/digitalSigning/webscript/upload/upload.post.html.ftl" at line 2, column 443]
How to create cert with openssl?
I am generating cert like:
openssl req -new -x509 -nodes -days 365 -newkey rsa:2048 -keyout testcert.key -out testcert.crt
openssl pkcs12 -export -inkey testcert.key -in testcert.crt -out testcert.p12 -name "Signature Orsiris de Jong"
Community v5.2.0 (r132772-b11) schema 10,005
fjleon1980
commented
7 years ago what is the correct format the plugin expects? Since key type only mentions x.509, i exported my personal certificate without the private key and choose "x.509 base 64 .cer" Since i chose that value, i don't know why the plugin is expecting me to type the "key password" and "key alias", both should be blank.
I also tested the DER binary x.509 which also fails
essadek
commented
7 years ago @Adam-Michalski , here is what worked for me:
genrsa -out PATH/hayilaeh.key 2048
req -new -x509 -nodes -days 365 -newkey rsa:2048 -keyout PATH/hayilaeh.key -out PATH/hayilaeh.crt
pkcs12 -export -inkey PATH/hayilaeh.key -in PATH/hayilaeh.crt -out PATH/aehcert.p12 -name "User x Signature"
rouxemmanuel
commented
7 years ago Hi,
Can you test with the latest release (2.1.0) ?
Regards, Emmanuel
FathiBenNasr
commented
6 years ago Hello Emmanuel,
I have installed correctly the plugin. I see a "sign document" link but no widget to upload my signing key.
Could you help me please ?
rouxemmanuel
commented
6 years ago Hi,
You must had the "digital signature" dashlet on your user dashboard. This dashlet allows to add/modify your signature (certificats).
Regards, Emmanuel
Hi there Emmanuel,
I'm modifying my question since I discovered other similar issues (This is my first question on GitHub, I signed up just to see if we could work this out)
I'm having the "Loading .cert issue" This certificates created in the other already closed issues are created through openssl, this certificates are self signed right? (While Im writing this I created the .p12 file and I was able to upload and sign documents) Now the cuestion is...
We have in our environment a Windows Active Directory Domain with CA, can we create certs from there and import them to your plugin?
Thanks in advance.