Wiki source code of Wie erstelle ich eine digitale Unterschrift mit Zertifikat?
Last modified by Begüm Balat on 2023/04/03 09:08
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | = Set Up Digital Signature = | ||
| 2 | |||
| 3 | This [[Wiki Page>>https://xwiki.rbg.tum.de/bin/view/Informatik/Helpdesk/DigitaleUnterschriftValidieren]] describes how to validate a digital signature. | ||
| 4 | |||
| 5 | |||
| 6 | |||
| 7 | {{toc/}} | ||
| 8 | |||
| 9 | |||
| 10 | == 1. Mac OS X == | ||
| 11 | |||
| 12 | === Adobe Reader === | ||
| 13 | |||
| 14 | ==== Import Certificate ==== | ||
| 15 | |||
| 16 | |||
| 17 | You can download Adobe Reader for Mac OS X [[here>>https://get.adobe.com/de/reader/]]. | ||
| 18 | |||
| 19 | Start up the program 'Adobe Reader DC' and click on **Preferences**. | ||
| 20 | |||
| 21 | [[image:Adobereaderpreferences.png||width="800"]] | ||
| 22 | |||
| 23 | |||
| 24 | |||
| 25 | |||
| 26 | Choose **Signatures** from the dropdown menu. | ||
| 27 | |||
| 28 | [[image:adobereadersignatures.png||width="500"]] | ||
| 29 | |||
| 30 | |||
| 31 | |||
| 32 | |||
| 33 | Click on **More** in the **Identities & trusted Certificates** section. | ||
| 34 | |||
| 35 | [[image:adobereadermore.png||width="800"]] | ||
| 36 | |||
| 37 | |||
| 38 | |||
| 39 | |||
| 40 | Choose **Digital ID Files** and click on **Attach File** in order to import a certificate. | ||
| 41 | |||
| 42 | [[image:digsigattfilefiles.png||width="800"]] | ||
| 43 | |||
| 44 | |||
| 45 | |||
| 46 | |||
| 47 | Choose your certificate file. | ||
| 48 | |||
| 49 | [[image:digsigzertopen.png||width="800"]] | ||
| 50 | |||
| 51 | |||
| 52 | |||
| 53 | |||
| 54 | Enter the password that was previously set, when exporting the certificate. | ||
| 55 | |||
| 56 | **Note**: If no password was set, during the exportation of the certificate this step can be skipped. | ||
| 57 | |||
| 58 | [[image:digsigattfilepwd.png||width="800"]] | ||
| 59 | |||
| 60 | |||
| 61 | |||
| 62 | |||
| 63 | The Certificate is now imported and can be used for digital signatures. | ||
| 64 | |||
| 65 | [[image:digsigaddidfinish.png||width="800"]] | ||
| 66 | |||
| 67 | |||
| 68 | You can also synchronize Adobe Reader with Keychain Access and import all certificates at the same time. | ||
| 69 | |||
| 70 | |||
| 71 | |||
| 72 | |||
| 73 | ==== Using Digital Signature ==== | ||
| 74 | |||
| 75 | |||
| 76 | In order to sign a file with your digital signature, click on the blue field. | ||
| 77 | |||
| 78 | [[image:adobereaderunterschrift.png||width="800"]] | ||
| 79 | |||
| 80 | |||
| 81 | |||
| 82 | |||
| 83 | Choose your certificate. | ||
| 84 | |||
| 85 | [[image:digsigzertauswaehlen.png||width="800"]] | ||
| 86 | |||
| 87 | |||
| 88 | |||
| 89 | |||
| 90 | Enter the password set during exportation. | ||
| 91 | |||
| 92 | [[image:digsigpasseingabe.png||width="800"]] | ||
| 93 | |||
| 94 | |||
| 95 | |||
| 96 | |||
| 97 | Click on **Sign**. | ||
| 98 | |||
| 99 | [[image:digsigpasswdsign.png||width="800"]] | ||
| 100 | |||
| 101 | |||
| 102 | |||
| 103 | |||
| 104 | Next, save the File. This will confirm the digital signature. | ||
| 105 | |||
| 106 | [[image:adobereaderpreferencesspeicherndatei.png||width="800"]] | ||
| 107 | |||
| 108 | |||
| 109 | |||
| 110 | |||
| 111 | The digital signature looks as follows: | ||
| 112 | |||
| 113 | [[image:adobereaderpreferencesdigitalunterschrieben wiki.png||width="800"]] | ||
| 114 | |||
| 115 | |||
| 116 | |||
| 117 | == 2. Windows 10 == | ||
| 118 | |||
| 119 | You can download Adobe Reader [[here>>https://get.adobe.com/de/reader/otherversions/]] | ||
| 120 | |||
| 121 | |||
| 122 | === Adobe Reader === | ||
| 123 | |||
| 124 | ==== Import Certificate ==== | ||
| 125 | |||
| 126 | |||
| 127 | The setup for digital signatures in Windows is parallel to Mac OS. | ||
| 128 | |||
| 129 | Go to the **Preferences** Panel. | ||
| 130 | |||
| 131 | [[image:adobewinpreferences.png||width="800"]] | ||
| 132 | |||
| 133 | |||
| 134 | |||
| 135 | |||
| 136 | Click on **Signatures** and then on **More**. | ||
| 137 | |||
| 138 | [[image:adobewinsignature.png||width="1000"]] | ||
| 139 | |||
| 140 | |||
| 141 | |||
| 142 | |||
| 143 | You can now import your certificate. Choose **Digital ID Files** on the left hand side and **Attach File** in order to do so. | ||
| 144 | |||
| 145 | [[image:adobewinatttach1.png||width="800"]] | ||
| 146 | |||
| 147 | |||
| 148 | |||
| 149 | |||
| 150 | Once the certificate has been chosen, enter the corresponding password, set during the exportation process. | ||
| 151 | |||
| 152 | **Note**: If no password was set, during the exportation of the certificate this step can be skipped. | ||
| 153 | |||
| 154 | [[image:adobewinattachfile.png||width="800"]] | ||
| 155 | |||
| 156 | |||
| 157 | |||
| 158 | |||
| 159 | ==== Using Digital Signature ==== | ||
| 160 | |||
| 161 | In order to sign a file with your digital signature, click on the field to which you wish to add the signature. | ||
| 162 | |||
| 163 | [[image:adobereaderunterschrift.png||width="800"]] Choose your certificate. | ||
| 164 | |||
| 165 | |||
| 166 | |||
| 167 | |||
| 168 | [[image:adobewindigidauswaehlen.png||width="800"]] Next, save the File. This will confirm the digital signature. | ||
| 169 | |||
| 170 | |||
| 171 | |||
| 172 | |||
| 173 | [[image:adobereaderpreferencesdigitalunterschrieben wiki.png||width="800"]] | ||
| 174 | |||
| 175 | |||
| 176 | |||
| 177 | |||
| 178 | === JSignPdf === | ||
| 179 | |||
| 180 | You can download this tool [[here>>https://sourceforge.net/projects/jsignpdf/files/latest/download]]. It will download an .exe file. | ||
| 181 | |||
| 182 | Open it with a double click and install it: | ||
| 183 | [[image:windowssetup1.png||width="1200"]] | ||
| 184 | |||
| 185 | |||
| 186 | |||
| 187 | |||
| 188 | [[image:windowsetup2.png||width="1200"]] | ||
| 189 | |||
| 190 | |||
| 191 | |||
| 192 | [[image:windowssetup3.png||width="600"]] Start the program. | ||
| 193 | |||
| 194 | |||
| 195 | |||
| 196 | [[image:windowsprogrammstart.png||width="800"]] | ||
| 197 | |||
| 198 | |||
| 199 | |||
| 200 | |||
| 201 | Choose the **Keystore Type** **PKCS12-DEF-3DES-3DES** and the certificate you wish to use. Enter the corresponding password below and choose the file you wish to sign digitally. Click on **Settings**. | ||
| 202 | |||
| 203 | **Note**: If no password was set, during the exportation of the certificate, no password needs to be entered here. | ||
| 204 | |||
| 205 | [[image:jsignpdfeinstellungen.png||width="1000"]] | ||
| 206 | |||
| 207 | |||
| 208 | |||
| 209 | |||
| 210 | Click on **Preview and Select**. | ||
| 211 | |||
| 212 | [[image:digsignwinprewievselect.png||width="1000"]] | ||
| 213 | |||
| 214 | |||
| 215 | |||
| 216 | |||
| 217 | Highlight the field in which to use the signature | ||
| 218 | |||
| 219 | [[image:winddigsignfeldmark.png||height="528" width="1141"]] | ||
| 220 | |||
| 221 | |||
| 222 | |||
| 223 | |||
| 224 | You can adjust the position of the signature with these parameters. | ||
| 225 | [[image:digsignwinprewievselectcloseneu.png||width="1000"]] | ||
| 226 | |||
| 227 | |||
| 228 | |||
| 229 | |||
| 230 | Click on **TSA/OCSP/CLR** and activate **Use Timestamp Server**. | ||
| 231 | [[image:timestampdigsigwind.png||width="1000"]] | ||
| 232 | |||
| 233 | |||
| 234 | |||
| 235 | |||
| 236 | Finally, click on **Sign It**. | ||
| 237 | |||
| 238 | [[image:signitwindigsignat.png||width="1000"]] | ||
| 239 | |||
| 240 | |||
| 241 | |||
| 242 | |||
| 243 | You can see the details in the Output Console of the program. | ||
| 244 | |||
| 245 | [[image:digsignwindkonsole.png||width="1000"]] | ||
| 246 | |||
| 247 | |||
| 248 | |||
| 249 | |||
| 250 | The digital signature looks as follows: | ||
| 251 | [[image:digsignwind.png||width="1000"]] | ||
| 252 | |||
| 253 | The digitally signed file is automatically saved as a new file in the directory of the original file. | ||
| 254 | |||
| 255 | |||
| 256 | |||
| 257 | |||
| 258 | == 3. Linux == | ||
| 259 | |||
| 260 | === JSignPdf === | ||
| 261 | |||
| 262 | You can download the tool [[here>>https://sourceforge.net/projects/jsignpdf/files/latest/download]]. This will download a .zip file. Unpack the file. | ||
| 263 | |||
| 264 | Install Java via the console. | ||
| 265 | |||
| 266 | {{html wiki="true"}} | ||
| 267 | {{code}}sudo apt-get install openjdk-8-jre{{/code}} | ||
| 268 | {{/html}} | ||
| 269 | |||
| 270 | |||
| 271 | |||
| 272 | Go to the directory jsignpdf-1.6.4: | ||
| 273 | |||
| 274 | {{html wiki="true"}} | ||
| 275 | {{code}}cd ~/jsignpdf-1.6.4/{{/code}} | ||
| 276 | {{/html}} | ||
| 277 | |||
| 278 | |||
| 279 | |||
| 280 | and use this command: | ||
| 281 | |||
| 282 | {{html wiki="true"}} | ||
| 283 | {{code}}java -jar JSignPdf.jar{{/code}} | ||
| 284 | {{/html}} | ||
| 285 | |||
| 286 | |||
| 287 | |||
| 288 | |||
| 289 | This will launch the program. Choose the Keystore type **PKCS12-3DEF-3DES-3DES** , the desired **Certificate**, the corresponding P**assword** set while exporting it and the file to be digitally signed. | ||
| 290 | |||
| 291 | **Note**: If no password was set, during the exportation of the certificate, no password needs to be entered here. | ||
| 292 | |||
| 293 | Click on **TSA/OCSP/CRL**. | ||
| 294 | |||
| 295 | [[image:JSIGNPDFLINUX-TSA:OCSP:CRL.png||width="1000"]] | ||
| 296 | |||
| 297 | |||
| 298 | |||
| 299 | |||
| 300 | Activate **Use Timestamp Server**. | ||
| 301 | |||
| 302 | [[image:timestempelserverlinux.png||width="1000"]] | ||
| 303 | |||
| 304 | |||
| 305 | |||
| 306 | |||
| 307 | Open **Settings**. | ||
| 308 | |||
| 309 | [[image:jsignpdfeinstellungenlinux.png||width="1000"]] | ||
| 310 | |||
| 311 | |||
| 312 | |||
| 313 | |||
| 314 | Click **Preview & Select**. | ||
| 315 | |||
| 316 | [[image:jsginpdflinuxprewievselect.png||width="1000"]] | ||
| 317 | |||
| 318 | |||
| 319 | |||
| 320 | |||
| 321 | The PDF-File should open. Choose the filed in which you wish to insert your digital signature and click on **Close**. | ||
| 322 | |||
| 323 | [[image:feldmarkierenlinux.png||width="1200"]] | ||
| 324 | |||
| 325 | |||
| 326 | |||
| 327 | |||
| 328 | __**Signature name and Description**__ | ||
| 329 | |||
| 330 | Choose font size 6, in order to have enough space for the date to be displayed. | ||
| 331 | |||
| 332 | [[image:jsignpdfbereichmanuellauswaehlenlinux.png||width="1000"]] | ||
| 333 | |||
| 334 | |||
| 335 | |||
| 336 | |||
| 337 | __**Only Description**__ | ||
| 338 | |||
| 339 | Choose **Only Description** and click on **Close**. | ||
| 340 | |||
| 341 | [[image:jsignpdfnurbeschreibunglinux8.png||width="1000"]] | ||
| 342 | |||
| 343 | |||
| 344 | |||
| 345 | |||
| 346 | Click on **Sign**. | ||
| 347 | |||
| 348 | [[image:jsignpdfsignierenlinux.png||width="1000"]] | ||
| 349 | |||
| 350 | |||
| 351 | |||
| 352 | |||
| 353 | You can see the details in the Output Console of the program.. | ||
| 354 | |||
| 355 | [[image:jsignkonsolelinux.png||width="1000"]] | ||
| 356 | |||
| 357 | |||
| 358 | |||
| 359 | |||
| 360 | The digitally signed file is automatically saved as a new file in the directory of the original file. | ||
| 361 | |||
| 362 | The digital signature with the setup **Signature name and Description** and font size **8** in Adobe Reader looks as follows: | ||
| 363 | |||
| 364 | [[image:jsginpdflinux8.png||width="1000"]] | ||
| 365 | |||
| 366 | |||
| 367 | |||
| 368 | |||
| 369 | The digital signature with the setup **Signature name and Description** and font size **6** in Adobe Reader looks as follows. | ||
| 370 | |||
| 371 | [[image:signpdf6linux.png||width="1000"]] | ||
| 372 | |||
| 373 | |||
| 374 | |||
| 375 | |||
| 376 | The digital signature with the setup **Only Description** and font size **8** in Adobe Reader looks as follows: | ||
| 377 | |||
| 378 | [[image:jsignnurbeschreibunglinux.png||width="1000"]] |