TCPDF的证书 [英] Certificate for TCPDF
问题描述
我想为服务器上的加密PDF生成一个证书(目前为自签名)。我感兴趣的是TCPDF的工作流程。
我做了什么:
1)生成键:
openssl req -x509 -nodes -days 365000 -newkey rsa:1024
openssl pkcs12 -export -in tcpdf.crt -out tcpdf.p12
2)使用 .crt - file
$ b生成PDF 3)然后我启动acrobat reader并安装证书code> tcpdf.p12 )。我使用Document->安全设置 - >数字ID
4)我可以导入安全设置,但仍然无法打开PDF。不知道我是否做对吗?发生什么,acrobat reader 9.5.4打开一个对话框,输入密码。我输入密码并出现错误 - >未知错误 - > CRecipientList-218
5)我使用的代码(基本上相同)
$ certificate ='file://../tcpdf.crt';
$ info = array(
'Name'=>'TCPDF',
'Location'=>'Office',
'Reason'=> ',
'ContactInfo'=>'http://www.tcpdf.org',
);
$ pdf-> setSignature($ certificate,$ certificate,'tcpdfdemo','',2,$ info);
$ pdf-> SetProtection($ permissions = array('print','copy'),$ user_pass ='',owner_pass = null,$ mode = 1,$ pubkeys = array =>'file://../tcpdf.crt','p'=> array('print'))));
我合并了以下示例:
http://www.tcpdf.org/examples/example_052.phps
http://www.tcpdf.org/examples/example_016.phps
PS:我知道这是一个非常实用的例子。
> 1)工作流一般是如何(!)接近具有加密的PDF的证书?
2)当我生成 .p12 文件时,以后在将证书导入到杂技演员时。我问,因为我也有一代给密码的可能性。
3)如果工作流是正确的...如何解决问题?
我真的被困在这里。任何建议都是有帮助的。
这种方法基本上是正确的 - 但你可能错过了一些细节。
我一直在使用 *。crt 格式的证书,不带密码(包括私钥和公钥)它工作正常。
另请注意,您必须在PHP中安装了OpenSSL扩展。
请参阅< c $ c> TCPDF :: setSignature()由Nicola Asuni:
签名签名:openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout tcpdf.crt -out tcpdf.crt
*将crt导出到p12:openssl pkcs12 -export -in tcpdf.crt -out tcpdf .p12
*将pfx证书转换为pem:openssl pkcs12 -in tcpdf.pfx -out tcpdf.crt -nodes
您不需要将任何证书安装到Acrobat Reader中 - 使用自签名证书签名的生成的PDF文档只是显示为不受信任,但仍然可以正常打开。
I would like to generate a certificate(self-signed at the moment) for an encrypted PDF on the server. What is interesting to me is the workflow on how to to that with TCPDF.
What I did:
1) Generate keys:
openssl req -x509 -nodes -days 365000 -newkey rsa:1024
openssl pkcs12 -export -in tcpdf.crt -out tcpdf.p12
2) Then generate the PDF with the .crt - file
3) Then I started acrobat reader and installed the certificate (tcpdf.p12). I used Document->security settings -> digital id
4) I could import the security settings but still can't open the PDF. Don't know if i am doing it right? What happens that acrobat reader 9.5.4 opens a dialog with input of a password. I give in the password and an error appears -> unknown error -> CRecipientList-218
5) Code I used (basically the same)
$certificate = 'file://../tcpdf.crt';
$info = array(
'Name' => 'TCPDF',
'Location' => 'Office',
'Reason' => 'Testing TCPDF',
'ContactInfo' => 'http://www.tcpdf.org',
);
$pdf->setSignature($certificate, $certificate, 'tcpdfdemo', '', 2, $info);
$pdf->SetProtection($permissions=array('print', 'copy'), $user_pass='', owner_pass=null, $mode=1, $pubkeys=array(array('c' => 'file://../tcpdf.crt', 'p' => array('print'))));
I combined the following examples:
http://www.tcpdf.org/examples/example_052.phps
http://www.tcpdf.org/examples/example_016.phps
P.S.: I know its a very practical example. Just thought its easier to understand the steps I am doing.
Questions:
1) Is the workflow in general right on how(!) to approach certificates for a PDF with encryption?
2) When I generate the .p12 file I have to give in a password for that file which I used later on when imported the certificate into acrobat. I'm asking because I have also the possibility "on generation" to give the password.
3) If the workflow is right...how do I fix the problem?
I am really stuck here. Any advice would be helpful.
The approach is basically correct - but you may have missed some detail in it.
I have been using the certificate in *.crt format without the passphrase (including private and public key) and it works fine.
Also note, that you must have installed OpenSSL extension in PHP.
See the comments for method TCPDF::setSignature() by Nicola Asuni:
* To create self-signed signature: openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout tcpdf.crt -out tcpdf.crt
* To export crt to p12: openssl pkcs12 -export -in tcpdf.crt -out tcpdf.p12
* To convert pfx certificate to pem: openssl pkcs12 -in tcpdf.pfx -out tcpdf.crt -nodes
You dont need to install any certificate into Acrobat Reader - generated PDF documents signed with self-signed certificates simply show up as untrusted, but still they can normally open.
这篇关于TCPDF的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
