Hi,
Is Spire.Pdf support to add digital signatrue/certificate in pdf using .pem file instead of .pfx file? I am using freespire.pdf(8.6.0) in .NetCore -6
While i am trying to execute below code it working fine locally
PdfDocument doc = new PdfDocument();
doc.LoadFromFile(signedDocPath);
X509Certificate2 pemCertificate = X509Certificate2.CreateFromPemFile(certificatePath); -> certificate path is .pem file attached
Logger.Info("X509Certificate2 fetched");
PdfCertificate cert = new PdfCertificate(pemCertificate); //, GoatSignConsts.GoatSignCertificatePassword);
Logger.Info("Digital certificate fetched from fetched");
PdfSignature signature = new PdfSignature(doc, doc.Pages[doc.Pages.Count - 1], cert, "GoatSign Digital Signature");
Logger.Info("signature imported");
//Set the document permission to forbid changes but allow form fill
signature.DocumentPermissions = PdfCertificationFlags.ForbidChanges | PdfCertificationFlags.AllowFormFill;
doc.SaveToFile(finalDocument);
but when it gives below error on production
ERROR 2023-06-06 15:21:26,529 [8 ] spNetCore.Antiforgery.DefaultAntiforgery - An exception was thrown while deserializing the token.
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
---> System.Security.Cryptography.CryptographicException: The key {975adf25-83ab-4cf2-a684-bf213ff4a01c} was not found in the key ring.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
WARN 2023-06-06 15:21:54,761 [18 ] Microsoft.EntityFrameworkCore.Query - Compiling a query which loads related collections for more than one collection navigation either via 'Include' or through projection but no 'QuerySplittingBehavior' has been configured. By default Entity Framework will use 'QuerySplittingBehavior.SingleQuery' which can potentially result in slow query performance. See https://go.microsoft.com/fwlink/?linkid=2134277 for more information. To identify the query that's triggering this warning call 'ConfigureWarnings(w => w.Throw(RelationalEventId.MultipleCollectionIncludeWarning))'
WARN 2023-06-06 15:22:03,201 [8 ] Microsoft.EntityFrameworkCore.Query - Compiling a query which loads related collections for more than one collection navigation either via 'Include' or through projection but no 'QuerySplittingBehavior' has been configured. By default Entity Framework will use 'QuerySplittingBehavior.SingleQuery' which can potentially result in slow query performance. See https://go.microsoft.com/fwlink/?linkid=2134277 for more information. To identify the query that's triggering this warning call 'ConfigureWarnings(w => w.Throw(RelationalEventId.MultipleCollectionIncludeWarning))'
ERROR 2023-06-06 15:22:07,764 [6 ] n.Web.Controllers.SignDocumentController - Digital Certificate Error :
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.
at System.Security.Cryptography.CngKeyLite.ImportKeyBlob(String blobType, ReadOnlySpan`1 keyBlob, Boolean encrypted, ReadOnlySpan`1 password)
at System.Security.Cryptography.CngPkcs8.ImportPkcs8(ReadOnlySpan`1 keyBlob)
at System.Security.Cryptography.CngPkcs8.ImportPkcs8PrivateKey(ReadOnlySpan`1 source, Int32& bytesRead)
at System.Security.Cryptography.RSAImplementation.RSACng.ImportPkcs8PrivateKey(ReadOnlySpan`1 source, Int32& bytesRead)
at Internal.Cryptography.PemKeyImportHelpers.ImportPem(ReadOnlySpan`1 input, FindImportActionFunc callback)
at System.Security.Cryptography.RSA.ImportFromPem(ReadOnlySpan`1 input)
at System.Security.Cryptography.X509Certificates.X509Certificate2.ExtractKeyFromPem[TAlg](ReadOnlySpan`1 keyPem, String[] labels, Func`1 factory, Func`2 import)
at System.Security.Cryptography.X509Certificates.X509Certificate2.CreateFromPem(ReadOnlySpan`1 certPem, ReadOnlySpan`1 keyPem)
at System.Security.Cryptography.X509Certificates.X509Certificate2.CreateFromPemFile(String certPemFilePath, String keyPemFilePath)
at GoatSign.Web.Controllers.SignDocumentController.AddDigitalSignatureToSigedDocument(String signedDocPath, Guid sReqId, String documentName)
Please guid us
Thanks
Login to view the files attached to this post.
-
jenishItact - Posts: 18
- Joined: Tue Mar 21, 2023 5:34 am
Hello,
Thanks for your inquiry.
Sorry currently our Spire.PDF doesn't support signing PDF document with the PEM file, we have added it as a new feature into our upgrade list with ticket SPIREPDF-5753. If it is realized in the future, we will inform you.
Sincerely,
Swain
E-iceblue support team
Thanks for your inquiry.
Sorry currently our Spire.PDF doesn't support signing PDF document with the PEM file, we have added it as a new feature into our upgrade list with ticket SPIREPDF-5753. If it is realized in the future, we will inform you.
Sincerely,
Swain
E-iceblue support team
-
Swain.Wang - Posts: 34
- Joined: Thu Jun 01, 2023 3:55 am
Hi Thanks For your reply,
Is there any alternate way with we can add digital signature without .pfx file in spire.pdf (freespire.pdf-8.6.0)?
Is there any alternate way with we can add digital signature without .pfx file in spire.pdf (freespire.pdf-8.6.0)?
-
jenishItact - Posts: 18
- Joined: Tue Mar 21, 2023 5:34 am
Hello,
Thank you for your response.
Currently, our Spire.Pdf supports digital signing using files in formats such as .pfx, .p12 and .cer. Sorry for the misunderstanding earlier. Do you mean that you can sign with .pem file locally, but the production environment will throw exceptions? If so, could you please provide us with the following information for further investigation, thanks in advance.
1.Your complete test code or a simplified project that can be run directly;
2.Your certificate file and password;
3.Your project framework and runtime environment.
Best regards,
Swain
E-iceblue support team
Thank you for your response.
Currently, our Spire.Pdf supports digital signing using files in formats such as .pfx, .p12 and .cer. Sorry for the misunderstanding earlier. Do you mean that you can sign with .pem file locally, but the production environment will throw exceptions? If so, could you please provide us with the following information for further investigation, thanks in advance.
1.Your complete test code or a simplified project that can be run directly;
2.Your certificate file and password;
3.Your project framework and runtime environment.
Best regards,
Swain
E-iceblue support team
-
Swain.Wang - Posts: 34
- Joined: Thu Jun 01, 2023 3:55 am
Hi here i am attaching code
Here i am using below configuration
1) Free.Spire.pdf(8.6.0)
2) .Net Core - 5
3) I have created .pem file from .pfx file
password for pfx file : 1q2w3E*
4) run time enviroment & source code attached in Attachment.pdf
Here it is working fine in locally and add digital signature in pdf but on production it is giving error as i define on first post
Here i am using below configuration
1) Free.Spire.pdf(8.6.0)
2) .Net Core - 5
3) I have created .pem file from .pfx file
password for pfx file : 1q2w3E*
4) run time enviroment & source code attached in Attachment.pdf
Here it is working fine in locally and add digital signature in pdf but on production it is giving error as i define on first post
Login to view the files attached to this post.
-
jenishItact - Posts: 18
- Joined: Tue Mar 21, 2023 5:34 am
Hello,
Thanks for more information.
Is your project deployed on Azure? If so, you need to set the App Setting WEBSITE_LOAD_USER_PROFILE to 1, as shown the following attachment. Please verify it on your side and then tell us the result. Looking forward to your further feedback.
Sincerely,
Swain
E-iceblue support team
Thanks for more information.
Is your project deployed on Azure? If so, you need to set the App Setting WEBSITE_LOAD_USER_PROFILE to 1, as shown the following attachment. Please verify it on your side and then tell us the result. Looking forward to your further feedback.
Sincerely,
Swain
E-iceblue support team
Login to view the files attached to this post.
-
Swain.Wang - Posts: 34
- Joined: Thu Jun 01, 2023 3:55 am
Hi,
We are using https://www.simply.com/dk/hosting/ and the Standard suite for hosting our application on which digital signature is not working with .pem file
We are using https://www.simply.com/dk/hosting/ and the Standard suite for hosting our application on which digital signature is not working with .pem file
-
jenishItact - Posts: 18
- Joined: Tue Mar 21, 2023 5:34 am
Hello,
Thanks for your feedback.
After investigation, we found that your issue may not be related to our Spire.PDF. Yesterday, I encountered a similar exception after publishing my project to Azure and resolved it by setting WEBSITE_LOAD_USER_PROFILE to 1. Since we are not familiar with your production environment, it is difficult to further investigate. For your situation, I suggest you consult simply.com's technical support to see if they have any relevant solutions. Alternatively, you can search for the exception message on Google to see if there are any relevant solutions available.
Sincerely,
Swain
E-iceblue support team
Thanks for your feedback.
After investigation, we found that your issue may not be related to our Spire.PDF. Yesterday, I encountered a similar exception after publishing my project to Azure and resolved it by setting WEBSITE_LOAD_USER_PROFILE to 1. Since we are not familiar with your production environment, it is difficult to further investigate. For your situation, I suggest you consult simply.com's technical support to see if they have any relevant solutions. Alternatively, you can search for the exception message on Google to see if there are any relevant solutions available.
Sincerely,
Swain
E-iceblue support team
-
Swain.Wang - Posts: 34
- Joined: Thu Jun 01, 2023 3:55 am
Page 1 of 1