Hi,
We are using VeryPDF PDF Security and Signature Command Line to sign a PDF file using certificate currently, we have some questions,
Does it support signing from a token?
Does it support signing from an HSM using PKCS#11?
Thanks,
Customer
--------------------------------
Dear Customer,
Thank you for your email. We appreciate your interest in our product, VeryPDF PDF Security and Signature.
https://www.verypdf.com/app/pdf-security-and-signature/index.html
Regarding your inquiry, may I know if you are currently using the "VeryPDF PDF Security and Signature (Shell & COM & SDK)" version? If so, then the answer to your question is yes, it does support signing from a token and HSM using PKCS#11.
Our software supports a variety of digital signature types including PKCS#11, PKCS#12, and USB tokens. This allows for convenient and secure signing of PDF documents while ensuring the authenticity and integrity of the signed document.
If you have any further questions or concerns, please feel free to let us know.
Best regards,
VeryPDF
--------------------------------
Hi,
Thank you for your prompt response.
We are looking to use this for multiple clients, some using the server version an some with the personal version.
We have 3 more questions:
1) Do you have instructions on how to specify the PKCS#11 or token values on the command line?
2) Does it require that the certificate be imported in the windows certificate repository?
3) Does it require that the private key be imported as well?
Thank You.
Customer
--------------------------------
>>1) Do you have instructions on how to specify the PKCS#11 or token values on the command line?
Thanks for your message, you need import certificate into windows certificate repository first, then you can use this certificate with a name, for example,
pdfsecure.exe -cername "VeryPDF" -signrect "50,500,200,60" -signpage 1 readme.pdf _out_1.pdf
pdfsecure.exe -cername "VeryPDF" -signbgimage "logo.png" -signrect "50,500,200,60" -signpage 1 readme.pdf _out_2.pdf
pdfsecure.exe -cername "VeryPDF" -signrect "0,0,0,0" readme.pdf _out_3.pdf
pdfsecure.exe -cername "VeryPDF" -signreason "For your review." -signinfo "support@verypdf.com" -signfillcolor 00FF00 -signstrokecolor FF0000 -signlinewidth 5 readme.pdf _out_4.pdf
pdfsecure.exe -cername "VeryPDF" -createtimesign -timestampurl "http://timestamp.comodoca.com/authenticode" readme.pdf _out_5.pdf
pdfsecure.exe -cername "VeryPDF" -openpwd 123 -ownerpwd 456 -keylen 128 -perm 2048 readme.pdf _out_6.pdf
>>2) Does it require that the certificate be imported in the windows certificate repository?
Yes, you need import certificate into windows certificate repository first.
>>3) Does it require that the private key be imported as well?
It is not necessary to import the private key.
You can download and try the trial version of "VeryPDF PDF Security and Signature (Shell & COM & SDK)" software, please feel free to let us know if you encounter any problem with this software.
https://www.verypdf.com/app/pdf-security-and-signature/try-and-buy.html
https://www.verypdf.com/dl2.php/pdf-security-signature-cmd-sdk-com.zip
VeryPDF
The cticert.exe command line utility simplifies the import of certificates and private keys into a PKCS#11 cryptographic token (HSM), allowing for the use of the VeryPDF PDF Security and Signature Command Line's digital signature creation and verification capabilities. The utility supports the import of X.509 certificates and private keys from PKCS#12 formatted files and can also list and export certificates. It is vendor independent and utilizes the PKCS#11 interface. Furthermore, the utility is portable and can be used on various platforms.