Digital sign a PDF with PHP / Symfony / TCPDF

Question

I'm trying to sign a pdf throw the example from "https://tcpdf.org/examples/example_052/"

My certificate file extension is ".p12" instead of ".crt". So I changed the 77 line that makes reference to the certificate.

$certificate = 'file://data/cert/tcpdf.crt'; -> $certificate = 'file://data/cert/myCertificate.p12';

Antoher thing I changed is the third parameter in the setSignature function in the 88 line. This third parameter is the "private_key_password" and I added my associated password to the private_key. (I also tried without changing this value)

But, the result creates a pdf but Adobe Acrobat Reader informs that "The validity of the document certification is UNKONOWN" and also if you try to read the "Signature Details"->"Certificate Details..." inside the Adobe Acrobat Reader the program ends unexpectedly. Clearly the digital signature does not apply to the pdf correctly.

Any idea about what happens? Thank you very much.

Ricard Espinàs Llovet Ricard Espinàs Llovet · Accepted Answer · 2018-07-09T15:22:20

To be able to apply this example with my certificate I had to convert my pfx file certificate (".p12") to 2 kinds of ".pem" throw these nexts commands lines:

openssl pkcs12 -in myOldCertificate.p12 -clcerts -nokeys -out publicCert.pem -> asked me "Enter Import Password"

openssl pkcs12 -in myOldCertificate.p12 -nocerts -out privateKey_cert.pem -> asked me "Enter Import Password" and also for "Enter PEM pass phrase"

So finally, I just changed the line 89 from the downloaded example 52.

// set document signature

$pdf->setSignature('file:///var/www/html/publicCert.pem', 'file:///var/www/html/privateKey_cert.pem', 'xxxxxx', '', 2, $info);

In the 'xxxxx' I wrote the same string as the Import password and, just in case, also the same for PEM pass phrase.

Digital sign a PDF with PHP / Symfony / TCPDF

1 Answers