• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

iText: Digital signature

 
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have generared pdf using itext in servlet.Now I want to use digital signature in that pdf.So what should I do to generate digitally signed pdf..
 
Bartender
Posts: 11497
19
Android Google Web Toolkit Mac Eclipse IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

rakhi sinha wrote:I have generared pdf using itext in servlet.Now I want to use digital signature in that pdf.So what should I do to generate digitally signed pdf..


This might help http://docs.oracle.com/javase/tutorial/security/apisign/gensig.html
http://itextpdf.sourceforge.net/howtosign.html#signtsocspjava
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have used itext jar file to sign pdf generated by using simple java program but how to use this on pdf generated by using servlet...
 
Maneesh Godbole
Bartender
Posts: 11497
19
Android Google Web Toolkit Mac Eclipse IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So servlets are not Java?
What problem did you run into when you tried with servlets?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator




I am using following java core code for digital signature.I have generated the foobar certificate by using following keytool command .I am getting a.pdf as output with signature having question mark ,how to show the green right mark on this .But i want to use servlet ,i want digitally signed in my web browser.what shoult i do for this?






 
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What does the question mark mean? Possibly the same as in a browser, that it's a self-signed certificate? Haver you tried a proper certificate?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:What does the question mark mean? Possibly the same as in a browser, that it's a self-signed certificate? Haver you tried a proper certificate?




I have written servlet also but it is showing exception like

HTTP Status 405 - HTTP method GET is not supported by this URL

--------------------------------------------------------------------------------

type Status report

message HTTP method GET is not supported by this URL

description The specified HTTP method is not allowed for the requested resource (HTTP method GET is not supported by this URL).


--------------------------------------------------------------------------------

Apache Tomcat/6.0.32
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's a different issue that has nothing to do with PDFs; let's keep this thread to that particular problem. I would suggest that it's much easier to get this kind of thing working in a desktop app before you embed it into a web app.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:That's a different issue that has nothing to do with PDFs; let's keep this thread to that particular problem. I would suggest that it's much easier to get this kind of thing working in a desktop app before you embed it into a web app.



In desktop it is working but when i have changed it into servlet it is giving this exception.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I thought the problem was this:

I am getting a.pdf as output with signature having question mark ,how to show the green right mark on this .


Are you saying the same code -when running as part of a desktop app- does not have this problem?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:I thought the problem was this:

I am getting a.pdf as output with signature having question mark ,how to show the green right mark on this .


Are you saying the same code -when running as part of a desktop app- does not have this problem?




in desktop app it does not have any problem
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Then it would seem that desktop app and web app do not create byte-for-byte identical PDFs; is that correct?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:Then it would seem that desktop app and web app do not create byte-for-byte identical PDFs; is that correct?




actually i am not getting how to use certificate to create digital signature in web application,where to store digital signature to create the different different pdfs digitally signed by different different persons.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

rakhi sinha wrote:

Tim Moores wrote:Then it would seem that desktop app and web app do not create byte-for-byte identical PDFs; is that correct?




actually i am not getting how to use certificate to create digital signature in web application,where to store digital signature to create the different different pdfs digitally signed by different different persons.



In my project I am developing a web application in which first step is to make a servlet containg several fields ,by clicking submit button all the values are saved in database and clicking on another button (generate pdf )create digitally signed pdf,i have created pdf without signature .But i dont know how to create digitally signed pdf using digital certificate.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Where do you see the difference between using a certificate in a desktop app (which you said you have done successfully), and using a certificate in a web app?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:Where do you see the difference between using a certificate in a desktop app (which you said you have done successfully), and using a certificate in a web app?


In desktop application i have saved keystore in java bin directory .but where we put it when using servlet so that servlet can use it.I am getting this exception

HTTP Status 405 - HTTP method GET is not supported by this URL

--------------------------------------------------------------------------------

type Status report

message HTTP method GET is not supported by this URL

description The specified HTTP method is not allowed for the requested resource (HTTP method GET is not supported by this URL).


--------------------------------------------------------------------------------

Apache Tomcat/6.0.32
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's a servlet problem that has nothing to do with the actual issue. Your servlet apparently does not have a doGet method, but you're accessing it using a GET.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:That's a servlet problem that has nothing to do with the actual issue. Your servlet apparently does not have a doGet method, but you're accessing it using a GET.

I have removed that error but now it is giving following error. in resources folder i have saved the keystore and pdf(on which i want digital signature)

HTTP Status 500 -

--------------------------------------------------------------------------------

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.io.FileNotFoundException: \resources\rrcat.pdf (The system cannot find the path specified)
java.io.FileOutputStream.open(Native Method)
java.io.FileOutputStream.<init>(FileOutputStream.java:179)
java.io.FileOutputStream.<init>(FileOutputStream.java:70)
LoginExample.digital.doGet(digital.java:43)
javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)


note The full stack trace of the root cause is available in the Apache Tomcat/6.0.32 logs.


--------------------------------------------------------------------------------
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Looks like you're using a relative path; that won't work in a web app - use an absolute path instead.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:Looks like you're using a relative path; that won't work in a web app - use an absolute path instead.



Absolute path means..
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
C:/Program Files/Java/jdk1.6.0/bin/.keystore is an absolute path

bin/.keystore is a relative path (relative to some other directory, that is).

Searching for "absolute path" will find more information.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:C:/Program Files/Java/jdk1.6.0/bin/.keystore is an absolute path

bin/.keystore is a relative path (relative to some other directory, that is).

Searching for "absolute path" will find more information.


but in servlet how to use absolute path we cannot give whole bin path , i have made a resources folder in our servlet example (i am using eclipse)so that i can access the content of this resources folders.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

we cannot give whole bin path


Indeed, you shouldn't do that, You should use the path into your web app. ServletContext.getRealPath can help you figure out what that is.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:

we cannot give whole bin path


Indeed, you shouldn't do that, You should use the path into your web app. ServletContext.getRealPath can help you figure out what that is.




How to use ServletContext.getRealPath and how to give path of keystore and pdf so that signed pdf can be generated.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What have you tried? If you haven't tried anything, what have you read, and what ideas have you had?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:What have you tried? If you haven't tried anything, what have you read, and what ideas have you had?



I have tried getRealPath but it is not working
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

rakhi sinha wrote:

Tim Moores wrote:What have you tried? If you haven't tried anything, what have you read, and what ideas have you had?



I have tried getRealPath but it is not working


I am using this for keystore


and this for pdf on which i have to sign


but it is showing following exception


HTTP Status 500 -

--------------------------------------------------------------------------------

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.io.FileNotFoundException: \resources\a.pdf (The system cannot find the path specified)
java.io.FileOutputStream.open(Native Method)
java.io.FileOutputStream.<init>(FileOutputStream.java:179)
java.io.FileOutputStream.<init>(FileOutputStream.java:70)
LoginExample.digital.doGet(digital.java:43)
javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)


note The full stack trace of the root cause is available in the Apache Tomcat/6.0.32 logs.


--------------------------------------------------------------------------------

Apache Tomcat/6.0.32
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You're again using a relative path; two, actually, one in each line of code. The difference is that an absolute path that's used in conjunction with a servlet context is anchored to that context's root - it starts with "/".
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:You're again using a relative path; two, actually, one in each line of code. The difference is that an absolute path that's used in conjunction with a servlet context is anchored to that context's root - it starts with "/".



I have used this "/" but again showing same error.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
With all due respect - I sincerely doubt that. Is "LoginExample" the name of the servlet context? If so, it should not be part of the path. And the file path needs to be absolute, as I mentioned several times by now.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:With all due respect - I sincerely doubt that. Is "LoginExample" the name of the servlet context? If so, it should not be part of the path. And the file path needs to be absolute, as I mentioned several times by now.


yes LoginExample is the name of servlet context .I have removed that from the path but it is showing same error.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Post the code you're now using and the text of the exception. Also describe the layout of the files and directories that are involved.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:Post the code you're now using and the text of the exception. Also describe the layout of the files and directories that are involved.







Exception
HTTP Status 500 -

--------------------------------------------------------------------------------

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.io.FileNotFoundException: \resources\rrcat.pdf (The system cannot find the path specified)
java.io.FileOutputStream.open(Native Method)
java.io.FileOutputStream.<init>(FileOutputStream.java:179)
java.io.FileOutputStream.<init>(FileOutputStream.java:70)
LoginExample.digital.doGet(digital.java:43)
javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)


note The full stack trace of the root cause is available in the Apache Tomcat/6.0.32 logs.


--------------------------------------------------------------------------------

Apache Tomcat/6.0.32


I am using eclipse .in eclipse i am using thie heirarchy Loginexample->WebContent->Resources.In resources folder I have saved a.pdf and keystore
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It looks like you still don't understand the concept of paths, neither of file systems paths, nor of paths within a web app. I suggest you get more familiar with those before applying them to this problem.

Or do you really have a root directory called "resources" on your disk?

Or a directory called "resources" at the top level of your web app?
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:It looks like you still don't understand the concept of paths, neither of file systems paths, nor of paths within a web app. I suggest you get more familiar with those before applying them to this problem.

Or do you really have a root directory called "resources" on your disk?

Or a directory called "resources" at the top level of your web app?



resources is at the top level of web app
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

rakhi sinha wrote:

Tim Moores wrote:It looks like you still don't understand the concept of paths, neither of file systems paths, nor of paths within a web app. I suggest you get more familiar with those before applying them to this problem.

Or do you really have a root directory called "resources" on your disk?

Or a directory called "resources" at the top level of your web app?



resources is at the top level of web app



i also have one confusion related to the certificate that how to use it.I mean that in my application there will be many members to use this application.where to store the certificate and digital signature so that when they fill the forms for registartion and after submit the resgistration form i have to upload the digital signature and then use this uploaded digital signature into the pdf using servlet and itext.
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This part of the question still stands:

Or do you really have a root directory called "resources" on your disk?


It's the FileOutputStream handling where the exception occurs, after all.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:This part of the question still stands:

Or do you really have a root directory called "resources" on your disk?


It's the FileOutputStream handling where the exception occurs, after all.


i am still confused that how to create keystore and create digital signature in pdfs using java servlet in tomcat server
 
Tim Moores
Bartender
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As I said, there's no difference to using certificates in a desktop app. You just need to fix the exceptions resulting from files not being where they should be, or the paths you're using being incorrect.

If you're still getting exceptions, post the relevant code excerpts along with the full exception stack trace, and describe to us fully the layout of your files and directories.
 
rakhi sinha
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Moores wrote:As I said, there's no difference to using certificates in a desktop app. You just need to fix the exceptions resulting from files not being where they should be, or the paths you're using being incorrect.

If you're still getting exceptions, post the relevant code excerpts along with the full exception stack trace, and describe to us fully the layout of your files and directories.



I am doing from starting by creating keystore and using this to import root certificate in keystore but it is giving input not an X.509 certificate....
Generating a Private Key and a Keystore
From Eclipsepedia
Jump to: navigation, search
1. To generate a keystore, you need a JDK installed with its /bin directory in your path

2. Create a keystore using this command:

keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks
keytool will ask you to enter the values for Common Name (CN), Organizational Unit (OU), Oranization(O), Locality (L), State (S) and Country (C). CN should match the domain name of your webapp if you are planning to use this keystore for your servlet container

You can verify keystore contents using this command:

keytool -list -v -keystore keystore.jks
3. Generate the Certificate Signing Request (CSR) using this command:

keytool -certreq -v -alias tomcat -file csr-for-myserver.pem -keystore keystore.jks
Submit contents of csr-for-myserver.pem file to your CA for signing

You can get a trial certificate from Thawte at https://www.thawte.com/cgi/server/try.exe

4. Save the signed certificate from CA to a file signed-cert.pem

You can see the contents of the signed certificate using this command:

keytool -printcert -v -file signed-cert.pem
5. Download Root certificate from CA. You can download Thawte Test Root Certificate from http://www.thawte.com/roots/.

6. Import Root Certificate to keystore using this command:

keytool -import -v -noprompt -trustcacerts -alias cacert -file root-cert.pem -keystore keystore.jks
where root-cert.pem is the Root Certificate from CA

7. Verify contents of keystore using this command:

keytool -list -v -keystore keystore.jks
8. Import CA signed certificate to keystore

keytool -import -v -alias tomcat -file signed-cert.pem -keystore keystore.jks
9. Verify contents of keystore using this command:

keytool -list -v -keystore keystore.jks
 
Hey! You're stepping on my hand! Help me tiny ad!
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic