Wiki source code of Wie erstelle ich eine digitale Unterschrift mit Zertifikat?
Last modified by Aysegül Omus on 2024/04/22 12:50
Hide last authors
author | version | line-number | content |
---|---|---|---|
135.5 | 1 | = Set Up Digital Signature = | |
1.1 | 2 | ||
135.5 | 3 | This [[Wiki Page>>https://xwiki.rbg.tum.de/bin/view/Informatik/Helpdesk/DigitaleUnterschriftValidieren]] describes how to validate a digital signature. | |
1.1 | 4 | ||
5 | |||
135.5 | 6 | ||
1.1 | 7 | {{toc/}} | |
8 | |||
9 | |||
10 | == 1. Mac OS X == | ||
11 | |||
12 | === Adobe Reader === | ||
13 | |||
135.5 | 14 | ==== Import Certificate ==== | |
1.1 | 15 | ||
16 | |||
135.5 | 17 | You can download Adobe Reader for Mac OS X [[here>>https://get.adobe.com/de/reader/]]. | |
1.1 | 18 | ||
135.5 | 19 | Start up the program 'Adobe Reader DC' and click on **Preferences**. | |
1.1 | 20 | ||
135.5 | 21 | [[image:Adobereaderpreferences.png||width="800"]] | |
1.1 | 22 | ||
23 | |||
24 | |||
25 | |||
135.5 | 26 | Choose **Signatures** from the dropdown menu. | |
1.1 | 27 | ||
135.5 | 28 | [[image:adobereadersignatures.png||width="500"]] | |
1.1 | 29 | ||
30 | |||
31 | |||
32 | |||
135.5 | 33 | Click on **More** in the **Identities & trusted Certificates** section. | |
1.1 | 34 | ||
135.5 | 35 | [[image:adobereadermore.png||width="800"]] | |
1.1 | 36 | ||
37 | |||
38 | |||
39 | |||
135.5 | 40 | Choose **Digital ID Files** and click on **Attach File** in order to import a certificate. | |
1.1 | 41 | ||
135.5 | 42 | [[image:digsigattfilefiles.png||width="800"]] | |
1.1 | 43 | ||
44 | |||
45 | |||
46 | |||
135.5 | 47 | Choose your certificate file. | |
1.1 | 48 | ||
135.5 | 49 | [[image:digsigzertopen.png||width="800"]] | |
1.1 | 50 | ||
51 | |||
52 | |||
53 | |||
135.5 | 54 | Enter the password that was previously set, when exporting the certificate. | |
1.1 | 55 | ||
135.5 | 56 | **Note**: If no password was set, during the exportation of the certificate this step can be skipped. | |
1.1 | 57 | ||
135.5 | 58 | [[image:digsigattfilepwd.png||width="800"]] | |
1.1 | 59 | ||
60 | |||
61 | |||
62 | |||
135.5 | 63 | The Certificate is now imported and can be used for digital signatures. | |
1.1 | 64 | ||
135.5 | 65 | [[image:digsigaddidfinish.png||width="800"]] | |
1.1 | 66 | ||
67 | |||
135.5 | 68 | You can also synchronize Adobe Reader with Keychain Access and import all certificates at the same time. | |
1.1 | 69 | ||
70 | |||
71 | |||
72 | |||
135.5 | 73 | ==== Using Digital Signature ==== | |
1.1 | 74 | ||
75 | |||
135.5 | 76 | In order to sign a file with your digital signature, click on the blue field. | |
129.2 | 77 | ||
135.5 | 78 | [[image:adobereaderunterschrift.png||width="800"]] | |
129.2 | 79 | ||
130.2 | 80 | ||
135.5 | 81 | ||
82 | |||
83 | Choose your certificate. | ||
84 | |||
85 | [[image:digsigzertauswaehlen.png||width="800"]] | ||
86 | |||
87 | |||
88 | |||
89 | |||
90 | Enter the password set during exportation. | ||
91 | |||
92 | [[image:digsigpasseingabe.png||width="800"]] | ||
93 | |||
94 | |||
95 | |||
96 | |||
97 | Click on **Sign**. | ||
98 | |||
99 | [[image:digsigpasswdsign.png||width="800"]] | ||
100 | |||
101 | |||
102 | |||
103 | |||
104 | Next, save the File. This will confirm the digital signature. | ||
105 | |||
106 | [[image:adobereaderpreferencesspeicherndatei.png||width="800"]] | ||
107 | |||
108 | |||
109 | |||
110 | |||
111 | The digital signature looks as follows: | ||
112 | |||
113 | [[image:adobereaderpreferencesdigitalunterschrieben wiki.png||width="800"]] | ||
114 | |||
115 | |||
116 | |||
1.1 | 117 | == 2. Windows 10 == | |
118 | |||
135.5 | 119 | You can download Adobe Reader [[here>>https://get.adobe.com/de/reader/otherversions/]] | |
1.1 | 120 | ||
135.5 | 121 | ||
1.1 | 122 | === Adobe Reader === | |
123 | |||
135.5 | 124 | ==== Import Certificate ==== | |
128.1 | 125 | ||
1.1 | 126 | ||
135.5 | 127 | The setup for digital signatures in Windows is parallel to Mac OS. | |
1.1 | 128 | ||
135.5 | 129 | Go to the **Preferences** Panel. | |
1.1 | 130 | ||
135.5 | 131 | [[image:adobewinpreferences.png||width="800"]] | |
1.1 | 132 | ||
133 | |||
134 | |||
135 | |||
135.5 | 136 | Click on **Signatures** and then on **More**. | |
1.1 | 137 | ||
135.5 | 138 | [[image:adobewinsignature.png||width="1000"]] | |
1.1 | 139 | ||
140 | |||
141 | |||
142 | |||
135.5 | 143 | You can now import your certificate. Choose **Digital ID Files** on the left hand side and **Attach File** in order to do so. | |
1.1 | 144 | ||
135.5 | 145 | [[image:adobewinatttach1.png||width="800"]] | |
1.1 | 146 | ||
147 | |||
148 | |||
149 | |||
135.5 | 150 | Once the certificate has been chosen, enter the corresponding password, set during the exportation process. | |
1.1 | 151 | ||
135.5 | 152 | **Note**: If no password was set, during the exportation of the certificate this step can be skipped. | |
1.1 | 153 | ||
135.5 | 154 | [[image:adobewinattachfile.png||width="800"]] | |
1.1 | 155 | ||
156 | |||
157 | |||
158 | |||
135.5 | 159 | ==== Using Digital Signature ==== | |
1.1 | 160 | ||
135.5 | 161 | In order to sign a file with your digital signature, click on the field to which you wish to add the signature. | |
1.1 | 162 | ||
135.5 | 163 | [[image:adobereaderunterschrift.png||width="800"]] Choose your certificate. | |
164 | |||
165 | |||
166 | |||
167 | |||
168 | [[image:adobewindigidauswaehlen.png||width="800"]] Next, save the File. This will confirm the digital signature. | ||
169 | |||
170 | |||
171 | |||
172 | |||
173 | [[image:adobereaderpreferencesdigitalunterschrieben wiki.png||width="800"]] | ||
174 | |||
175 | |||
176 | |||
177 | |||
128.1 | 178 | === JSignPdf === | |
1.1 | 179 | ||
135.5 | 180 | You can download this tool [[here>>https://sourceforge.net/projects/jsignpdf/files/latest/download]]. It will download an .exe file. | |
1.1 | 181 | ||
135.5 | 182 | Open it with a double click and install it: | |
183 | [[image:windowssetup1.png||width="1200"]] | ||
1.1 | 184 | ||
185 | |||
186 | |||
187 | |||
135.5 | 188 | [[image:windowsetup2.png||width="1200"]] | |
1.1 | 189 | ||
190 | |||
191 | |||
135.5 | 192 | [[image:windowssetup3.png||width="600"]] Start the program. | |
1.1 | 193 | ||
194 | |||
195 | |||
135.5 | 196 | [[image:windowsprogrammstart.png||width="800"]] | |
1.1 | 197 | ||
198 | |||
199 | |||
200 | |||
135.5 | 201 | Choose the **Keystore Type** **PKCS12-DEF-3DES-3DES** and the certificate you wish to use. Enter the corresponding password below and choose the file you wish to sign digitally. Click on **Settings**. | |
1.1 | 202 | ||
135.5 | 203 | **Note**: If no password was set, during the exportation of the certificate, no password needs to be entered here. | |
1.1 | 204 | ||
135.5 | 205 | [[image:jsignpdfeinstellungen.png||width="1000"]] | |
1.1 | 206 | ||
207 | |||
208 | |||
209 | |||
135.5 | 210 | Click on **Preview and Select**. | |
1.1 | 211 | ||
135.5 | 212 | [[image:digsignwinprewievselect.png||width="1000"]] | |
1.1 | 213 | ||
214 | |||
215 | |||
216 | |||
135.5 | 217 | Highlight the field in which to use the signature | |
1.1 | 218 | ||
135.5 | 219 | [[image:winddigsignfeldmark.png||height="528" width="1141"]] | |
1.1 | 220 | ||
221 | |||
222 | |||
135.5 | 223 | ||
224 | You can adjust the position of the signature with these parameters. | ||
225 | [[image:digsignwinprewievselectcloseneu.png||width="1000"]] | ||
226 | |||
227 | |||
228 | |||
229 | |||
230 | Click on **TSA/OCSP/CLR** and activate **Use Timestamp Server**. | ||
231 | [[image:timestampdigsigwind.png||width="1000"]] | ||
232 | |||
233 | |||
234 | |||
235 | |||
236 | Finally, click on **Sign It**. | ||
237 | |||
238 | [[image:signitwindigsignat.png||width="1000"]] | ||
239 | |||
240 | |||
241 | |||
242 | |||
243 | You can see the details in the Output Console of the program. | ||
244 | |||
1.1 | 245 | [[image:digsignwindkonsole.png||width="1000"]] | |
246 | |||
247 | |||
135.5 | 248 | ||
249 | |||
250 | The digital signature looks as follows: | ||
1.1 | 251 | [[image:digsignwind.png||width="1000"]] | |
252 | |||
135.5 | 253 | The digitally signed file is automatically saved as a new file in the directory of the original file. | |
1.1 | 254 | ||
255 | |||
135.5 | 256 | ||
257 | |||
1.1 | 258 | == 3. Linux == | |
259 | |||
128.1 | 260 | === JSignPdf === | |
1.1 | 261 | ||
135.5 | 262 | You can download the tool [[here>>https://sourceforge.net/projects/jsignpdf/files/latest/download]]. This will download a .zip file. Unpack the file. | |
1.1 | 263 | ||
135.5 | 264 | Install Java via the console. | |
1.1 | 265 | ||
266 | {{html wiki="true"}} | ||
128.1 | 267 | {{code}}sudo apt-get install openjdk-8-jre{{/code}} | |
1.1 | 268 | {{/html}} | |
269 | |||
270 | |||
135.5 | 271 | ||
272 | Go to the directory jsignpdf-1.6.4: | ||
273 | |||
1.1 | 274 | {{html wiki="true"}} | |
128.1 | 275 | {{code}}cd ~/jsignpdf-1.6.4/{{/code}} | |
1.1 | 276 | {{/html}} | |
277 | |||
278 | |||
135.5 | 279 | ||
280 | and use this command: | ||
281 | |||
1.1 | 282 | {{html wiki="true"}} | |
128.1 | 283 | {{code}}java -jar JSignPdf.jar{{/code}} | |
1.1 | 284 | {{/html}} | |
285 | |||
286 | |||
287 | |||
288 | |||
135.5 | 289 | This will launch the program. Choose the Keystore type **PKCS12-3DEF-3DES-3DES** , the desired **Certificate**, the corresponding P**assword** set while exporting it and the file to be digitally signed. | |
1.1 | 290 | ||
135.5 | 291 | **Note**: If no password was set, during the exportation of the certificate, no password needs to be entered here. | |
1.1 | 292 | ||
135.5 | 293 | Click on **TSA/OCSP/CRL**. | |
1.1 | 294 | ||
135.5 | 295 | [[image:JSIGNPDFLINUX-TSA:OCSP:CRL.png||width="1000"]] | |
1.1 | 296 | ||
297 | |||
298 | |||
299 | |||
135.5 | 300 | Activate **Use Timestamp Server**. | |
1.1 | 301 | ||
135.5 | 302 | [[image:timestempelserverlinux.png||width="1000"]] | |
1.1 | 303 | ||
304 | |||
305 | |||
306 | |||
135.5 | 307 | Open **Settings**. | |
1.1 | 308 | ||
135.5 | 309 | [[image:jsignpdfeinstellungenlinux.png||width="1000"]] | |
1.1 | 310 | ||
311 | |||
312 | |||
313 | |||
135.5 | 314 | Click **Preview & Select**. | |
1.1 | 315 | ||
135.5 | 316 | [[image:jsginpdflinuxprewievselect.png||width="1000"]] | |
1.1 | 317 | ||
318 | |||
319 | |||
320 | |||
135.5 | 321 | The PDF-File should open. Choose the filed in which you wish to insert your digital signature and click on **Close**. | |
1.1 | 322 | ||
135.5 | 323 | [[image:feldmarkierenlinux.png||width="1200"]] | |
1.1 | 324 | ||
325 | |||
326 | |||
327 | |||
135.5 | 328 | __**Signature name and Description**__ | |
1.1 | 329 | ||
135.5 | 330 | Choose font size 6, in order to have enough space for the date to be displayed. | |
1.1 | 331 | ||
135.5 | 332 | [[image:jsignpdfbereichmanuellauswaehlenlinux.png||width="1000"]] | |
1.1 | 333 | ||
334 | |||
335 | |||
336 | |||
135.5 | 337 | __**Only Description**__ | |
1.1 | 338 | ||
135.5 | 339 | Choose **Only Description** and click on **Close**. | |
1.1 | 340 | ||
135.5 | 341 | [[image:jsignpdfnurbeschreibunglinux8.png||width="1000"]] | |
1.1 | 342 | ||
343 | |||
344 | |||
131.1 | 345 | ||
135.5 | 346 | Click on **Sign**. | |
131.1 | 347 | ||
135.5 | 348 | [[image:jsignpdfsignierenlinux.png||width="1000"]] | |
131.1 | 349 | ||
350 | |||
132.1 | 351 | ||
352 | |||
135.5 | 353 | You can see the details in the Output Console of the program.. | |
132.1 | 354 | ||
135.5 | 355 | [[image:jsignkonsolelinux.png||width="1000"]] | |
132.1 | 356 | ||
357 | |||
358 | |||
359 | |||
135.5 | 360 | The digitally signed file is automatically saved as a new file in the directory of the original file. | |
132.1 | 361 | ||
135.5 | 362 | The digital signature with the setup **Signature name and Description** and font size **8** in Adobe Reader looks as follows: | |
132.1 | 363 | ||
135.5 | 364 | [[image:jsginpdflinux8.png||width="1000"]] | |
132.1 | 365 | ||
366 | |||
367 | |||
368 | |||
135.5 | 369 | The digital signature with the setup **Signature name and Description** and font size **6** in Adobe Reader looks as follows. | |
132.1 | 370 | ||
135.5 | 371 | [[image:signpdf6linux.png||width="1000"]] | |
132.1 | 372 | ||
135.5 | 373 | ||
374 | |||
375 | |||
376 | The digital signature with the setup **Only Description** and font size **8** in Adobe Reader looks as follows: | ||
377 | |||
378 | [[image:jsignnurbeschreibunglinux.png||width="1000"]] |