尝试验证签名PDF时出现无效签名错误?
答案 0 :(得分:2)
简而言之
其关联私钥已用于签署PDF的证书具有密钥用法条目,表明它不用于签署文档,而是用于加密私钥或密钥,即用于密钥运输。
请使用为文档签名生成的私钥和证书
详细
您的证书有
1088 14: SEQUENCE {
1090 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
1095 1: BOOLEAN TRUE
1098 4: OCTET STRING, encapsulates {
1100 2: BIT STRING 5 unused bits
: '100'B (bit 2)
: }
: }
RFC 5280定义:
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1), -- recent editions of X.509 have
-- renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
...
The keyEncipherment bit is asserted when the subject public key is
used for enciphering private or secret keys, i.e., for key
transport. For example, this bit shall be set when an RSA public
key is to be used for encrypting a symmetric content-decryption
key or an asymmetric private key.
答案 1 :(得分:-1)
证书需要由CA签名(非自签名)或Acrobat将显示"此签名存在问题"信息。您可以通过临时将证书添加到受信任的商店来为您的计算机本地解决此问题(尽管其他计算机仍会看到警告)(但是,请务必在测试后将其删除:https://security.stackexchange.com/questions/36913/adding-self-signed-certificate-to-trusted-store)。