在 Mac Adob​​e Reader 上验证数字签名

发布于 11-30 01:37 字数 369 浏览 2 评论 0原文

我正在尝试使用 GoDaddy 颁发的 SSL 证书对 PDF 进行签名。

只要您选中编辑->首选项...->安全->高级首选项->Windows 集成->下的“验证签名”复选框,这些签名就会在 Windows Reader 中显示为有效。 ;信任 Windows 证书存储区中的所有根证书以进行以下操作。

但是,我似乎在 Mac OS X 版本的 Reader 中找不到类似的设置。 Mac OS X 似乎在钥匙串中具有与 Windows 证书存储类似的东西(特别是 GoDaddy 的系统根)。

有人知道 Mac 版本上的设置与我提到的 Windows 设置类似吗?如果没有,是否有其他 PDF 阅读器适合这种情况?

I'm attempting to sign PDFs with an SSL certificate issued from Go Daddy.

These signatures show up as valid in the Windows Reader as long as you check the "Validating Signatures" check box under Edit->Preferences...->Security->Advanced Preferences->Windows Integration->Trust ALL root certificates in the Windows Certificate Store for the following operations.

However, I can't seem to find a similar setting in the Mac OS X version of Reader. Mac OS X appears to have something similar to the Windows Certificate Store in Keychain (specifically System Roots for Go Daddy).

Is anyone aware of a setting on the Mac version that's similar to the Windows setting I mentioned? If not, is there another PDF reader out there that would work for this scenario?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

那支青花2024-12-07 01:37:51

我认为它根本没有与 OS X 上的 Keychain 集成,而是依赖于它自己的证书存储;我被钥匙串指示使用可信证书的签名困扰了好几次。这就是为什么一些供应商提供用于签名 PDF 的特定目的的证书,而这些证书源自 Adob​​e 自己的“Adobe Root CA”。

如果没有,是否有其他 PDF 阅读器适合这种情况?

I think it simply doesn't integrate with Keychain on OS X and relies on its own certificate store; I was bitten by this a few times with signatures that Keychain indicated used trusted certificates. This is why some vendors offer certificates for the specific purpose of signing PDFs and these certificates descend from Adobe's very own "Adobe Root CA".

If not, is there another PDF reader out there that would work for this scenario?

锦爱2024-12-07 01:37:51

Adobe Reader 使用自己的受信任列表,并且通常运行良好对于你描述的用法。但我不确定 GoDaddy 是否在列表中。

Adobe Reader uses its own Trusted list, and normally things work well for the usage your describe. However I am not sure that GoDaddy is on the list.

情归归情2024-12-07 01:37:51

只是一个快速提示,

虽然您可以使用私钥和证书“技术上”签署任何文档,但除非您的证书是由您的机构(在您的情况下是 Go Daddy)出于以下目的向您颁发的,否则该签名将无效数字签名。根据您上面提到的,您的证书是为了保护 SSL 连接而颁发的,而不是为了对文档进行数字签名。

这可能是证书未显示在您的受信任列表中的原因,因为该列表中仅显示为数字签名目的颁发的证书。

其他人可能会帮助您进一步缩小实际解决方案的范围。

Just a quick hint,

Although you can 'technically' sign any document using a private key and a certificate, that signature won't be valid unless your certificate was issued to you by your authority (in your case Go Daddy) for the purpose of digital signature. From what you've mentioned above, your certificate was issued for securing a connection with SSL and not for digitally signing a document.

This might be the reason why the certificate is not showing up in your trusted list since only certificates issued for the purpose of digital signature are shown in that list.

Others will probably help you narrow down further towards the actual solution.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文