-1
使用以下命令;將自簽名密鑰庫包含到可信證書列表中
密鑰工具-keystore org726.store -genkey -alias org726
我用於上述步驟的口令是 「口令」。它在ks.load()下面的代碼中被硬編碼。
我生成的密鑰存儲和使用Java程序進行數字簽名的PDF
public void signPdfFirstTime(String src, String dest)
{
try{
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
//KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
String path = properties.getProperty("PRIVATE");
String keystore_password = properties.getProperty("PASSWORD");
String PASSWORD = "password";
ks.load(new FileInputStream(KEYSTORE1), PASSWORD.toCharArray());
//ks.load(new FileInputStream(path), keystore_password.toCharArray());
String alias = (String)ks.aliases().nextElement();
PrivateKey pk = (PrivateKey) ks.getKey(alias, "password".toCharArray());
Certificate[] chain = ks.getCertificateChain(alias);
PdfReader reader = new PdfReader(src);
FileOutputStream os = new FileOutputStream(dest);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
// appearance
PdfSignatureAppearance appearance = stamper .getSignatureAppearance();
appearance.setImage(Image.getInstance("D:\\logo.jpg"));
appearance.setReason("I've written this.");
appearance.setLocation("Chennai");
appearance.setVisibleSignature(new Rectangle(72, 732, 144, 780), 1, "first");
// digital signature
System.out.println(PageSize.A4.getHeight());
System.out.println(PageSize.A4.getWidth());
ExternalSignature es = new PrivateKeySignature(pk, DigestAlgorithms.SHA1, provider.getName());
ExternalDigest digest = new BouncyCastleDigest();
MakeSignature.signDetached(appearance, digest, es, chain, null, null, null, 0, CryptoStandard.CADES);
}catch(Exception e)
{
e.printStackTrace();
}
}
但在最終的PDF我得到:因爲它沒有被列入名單 簽名者的身份不明您的可信證書。它是一個.store文件。在Eclipse中調試它的x509證書後進行檢查。
我如何將其包含在受信任的證書列表?