Embedded timestamp could not be verified for certain TSA
I am getting embedded timestamp could not be verified for TSA : http://timestamp.digicert.com
but with same sample code and TSA : http://ts.quovadisglobal.com/eu . It works fine
I am using PDFBox example for singing a document https://github.com/apache/pdfbox/blob/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
If you compare the trust tabs of the Acrobat time stamp certificate viewer ("Show Signature Properties..." -> "Advanced Properties..." -> "Show Certificate..."), the problem becomes clear:
| not working | working |
|---|---|
 |
 |
As you can read at the top of that tab in case of the working time stamp,
This certificate is directly trusted in your trusted certificates list. Source of Trust obtained from European Union Trusted Lists (EUTL).
and in case of the not working time stamp,
This certificate is not trusted.
(If you click through the certificate chain, you'll see the same again and again, not trusted.)
Looking into the Adobe Acrobat Trusted Certificates, one currently sees
So indeed, the G4 DigiCert certificates used to sign your problem time stamp are not trusted by Adobe Acrobat. Thus, Acrobat cannot verify the time stamp.
But have a look at the validity dates of the intermediary certificate and the TSA certificate,
- DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA is valid from 2022/03/23 02:00:00 +02'00' and
- DigiCert Timestamp 2022 - 2 is valid from 2022/03/29 02:00:00 +02'00'.
They have been issued less then 2 weeks ago! Maybe they simply are not yet on the Adobe trust lists (AATL / EUTL). I've seen relevant trust anchors taking months to be included in those lists. Thus, it's not unlikely that Adobe Acrobat will become able to validate those time stamps over time.
- NullPointerException in Java JDK code while performing parallelStream.forEach(..)
- Locating code that is filling PermGen with dead Groovy code
- Cannot find test class in project - "The input type of the launch configuration does not exist"
- Passing the values to the fraction class in java
- How to use different authentication methods for different paths using Spring Security
- how to fetch and validate csv header in open csv?
- 4-Sum algorithm failing with duplicate values in Java
- Error getting month while using Calendar object
- java Calendar Timezones strange stuff
- java.util.Date class with different approach for same date gives different output
- Finding out the type of invoked method in JDT
- How to get the size of a file in MB (Megabytes)?
- Exception in thread "main" java.lang.IllegalStateException: Attempted to load Config resource 'class path resource [application.yml]'
- Why does Google Calendar.Events.Watch say my request is not HTTPS
- Java - Class.forName, how to get a Field from Class
- Use of verify() method with and without times(1) parameter
- JDBC connection without database definition
- Running my testNG project from a jar using Maven
- Do subclasses inherit interfaces?
- Spring Security - how can I ask invoke access control methods directly?
- most accurate time type in java?
- How to get the currently selected application from Windows in Java
- validate the credit card expiry date using java?
- Finding the square root of a number by using binary search
- log4j : current time in milliseconds
- Why Joda DateTime gives different result than Java Date?
- Tomcat - maxThreads vs. maxConnections
- Android notification importance cannot be changed
- How to enable all endpoints in actuator (Spring Boot 2.0.0 RC1)
- Map rainbow colors to RGB