Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

One working piece of timestamping settings please #181

Open
NextTherapist opened this issue Mar 9, 2024 · 4 comments
Open

One working piece of timestamping settings please #181

NextTherapist opened this issue Mar 9, 2024 · 4 comments

Comments

@NextTherapist
Copy link

Hi,

I never managed to create only one valid timestamp with JsignPDF. My installation: JsignPDF 2.2.2 on Windows 10 64 bit.

Could somebody please tell me one TSA URL working in JsignPDF without error? I tried different ones, with and without OCSP/CRL settings, but I always get the same error:

`INFO Erzeuge Signatur
INFO Setze Zertifizierungsstufe
INFO Bearbeite (es kann ein wenig länger dauern) ...
INFO TSA-Client erstellen.
INFO Einstellung des TSA Hash-Algorithmus: sha256
SEVERE Es ist ein Problem aufgetreten
java.lang.NullPointerException: 'identifier' cannot be null
at org.bouncycastle.asn1.ASN1ObjectIdentifier.(Unknown Source)
at com.lowagie.text.pdf.TSAClientBouncyCastle.getTimeStampToken(TSAClientBouncyCastle.java:207)
at com.lowagie.text.pdf.TSAClientBouncyCastle.getTimeStampToken(TSAClientBouncyCastle.java:186)
at com.lowagie.text.pdf.PdfPKCS7.getEncodedPKCS7(PdfPKCS7.java:1327)
at net.sf.jsignpdf.SignerLogic.signFile(SignerLogic.java:425)
at net.sf.jsignpdf.SignerLogic.run(SignerLogic.java:118)
at java.base/java.lang.Thread.run(Unknown Source)

INFO Fertig: Erzeugen der Signatur fehlgeschlagen.`

Thank you.
@NextTherapist
Copy link
Author

Is this project still alive? There seems not to be a sign of life for months.

@JohnPlanetary
Copy link

The program is working fine. And yes, the author is still updating it when really necessary, but without making any promises that will do it.

Before anything else be sure to enter the hash name properly! It is case sensitive! sha256 is not the same as SHA256!
Use:
SHA512
SHA384
SHA256

Personally I recommend to always use SHA512 unless it gives some error, then you try SHA384, and if it still gives errors try SHA256.

TSA URL that work?
Recognized in Europe (Adobe), for example:

  1. https://timestamp.sectigo.com/qualified
  2. http://ts.quovadisglobal.com/eu

Recognize worldwide (Adobe), for example:

  1. https://timestamp.sectigo.com
  2. http://ts.quovadisglobal.com/ch

Remember your personal certificate (from the National ID card, or whatever) may also failed if the CRL/ OCSP of those are not available, make sure you authorized the Java program to access the internet, if in doubt turn off the firewall.
You can get an updated Java program for free for example at: https://adoptium.net if you have Java from Oracle either have that (updated) or the Adoptium one, but don't use both at the same time.

In the OCSP you don't enter any URL unless your provider explicitly says you need to enter some URL on JSignPDF for it to work. Usually the program will use anything that the certificates indicate.

@NextTherapist
Copy link
Author

NextTherapist commented Apr 15, 2024
edited
Loading

@JohnPlanetary
Thank you! That made it!

But perhaps the two GUIs should offer two dropdown lists like on the top pages for hash algorithms. Just to prevent fools like us from selecting the wrong SHA256 hash algorithms. They look very similar and the error messages are not so enlightening in our views. :D

@JohnPlanetary
Copy link

Not sure why it is not drop down menu, maybe to immediately support any other future algorithm that the Java program supports and is compatible with PDF.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NextTherapist @JohnPlanetary