Since you have no idea what viewer your target will use to display your signed PDF, you are anyway in a bad situation (even if you subscribe to a document signing service). the Chrome Browser's PDF viewer and Ubuntu's default PDF viewer Evince). Other PDF viewers will display the signature, but NOT indicate, that it is not trusted (e.g. the inbuilt PDF viewer from Firefox does not display anything). Interestingly many PDF Viewers do anyway ignore the signing (e.g. StartSSL used to give out free certificates, but they do not exist anymore (they were seriously challenged with their own security). There used to be, but to my knowledge, all browsers have removed the CAcert certificates and the same is likely true for Acrobat. Technically you can created your own signatures (self-signed certificates), but if such PDFs are viewed with Acrobat Reader, the signature will be flagged as invalid and the fact of self-signing is displayed. HelloSign (, now owned by DropBox) has also a free tier (allowing to sign 3 documents/month) and when signing, it embeds an invisible signature (which was invalid for some strange reason when I tested it even though HelloSign is in Adobe's approved trust list). DocuSign has a 30-day free trial, but I do not know whether the certificats that you generate during the trial with continue to be valid after the end of the trial. a PDF and you have no means or do not want to subscribe to one of the document-signing certificate service like DocuSign? Even with DocuSign's budget plan a single digital signing costs $2. So what do you do if you need to sign e.g. Anybody figured this out? Until somebody shows me how to sign with LibreOffice, I use the very good, but proprietary software PDFStudio to import my GPG keys and sign my PDF files. Ubuntu 19.10 has fixed at least the invokation of the key manager from LibreOffice and I can invoke SeaHorse from the document signing dialog, but I still have no clue how to make my gpg keys visible to LibreOffice. However one does it, something's not right. In fact, I still do not have a satisfactory way to do this. I am using the default Ubuntu 18.04 installation and it was quite an odyssey to get a document signed. The scdaemon gives smartcard support (which I do not have, but without the scdaemon the Kleopatra key manager refuses to run). Debian removed scdaemon from the gnupg2 package and as usual, one needs to be a command line ninja to fix this. This experience shows, that despite Edward Snowden most people do not proactively care about security and privacy. I still have to find the person that managed to digitally sign a LibreOffice document. When you belive the internet, document signing is inbuilt into LibreOffice. If these certificates don't exist, are out of date or are invalid on your Zorin installation there might be some conflict with the Evince program installed with your OS as it checks the authenticity of the digitally-signed PDF against the system's trust store to determine the certificate chain in the embedded digital signature and checks it for validity/whether it was issued by a trusted CA.įor this, you might try: sudo apt-get install ca-certificatesīy installing the ca-certificates package, the system's trusted CA certificates list is updated.The whole story started when I tried to sign a LibreOffice document. If the certificate chain is invalid or the certificate is untrusted, Evince displays a red X indicating that the signature is not valid. If the certificate chain is valid and the certificate is trusted, Evince displays a green checkmark indicating that the signature is valid. When a PDF is digitally signed, it contains a digital signature that is verified using a public key infrastructure (PKI) based on certificates issued by trusted certificate authorities (CAs). Regarding the CA certificates realm of possibility:Įvince can check the authenticity of digitally-signed PDFs using CA certificates. To automatically synchronize the system clock with remote network time protocols from the internet: sudo timedatectl set-ntp true If the above doesn't help, its possible that a system date/time conflict exists on the machine you're trying to use or a certificate issue might be causing the problem as well. I'm just hoping to learn why the gnome pdf viewer in Zorin can't open a digitally signed pdf file when the same gnome app in Ubuntu will open them.Ĭan you try sudo apt-get update and then sudo apt-get install -reinstall evince and let us know if this changes your problem at all?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |