У меня возникли проблемы с подтверждением XAdES
подписей в моем приложении, которое использует API Xades4j
. Я пытаюсь проверить два поющих файла, 1.docx
и 2.pdf
. Когда я проверяю 2.pdf
я получаю исключениеЦепочка сертификата подтверждения XAdES4j
18:03:38.230 [http-listener-1(5)] ERROR p.c.k.i.repository.pki.DigitalSignVerifierService - Invalid certification path.
xades4j.providers.CannotBuildCertificationPathException: unable to find valid certification path to requested target
at xades4j.providers.impl.PKIXCertificateValidationProvider.validate(PKIXCertificateValidationProvider.java:257) ~[xades4j-1.3.1.jar:na]
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:175) ~[xades4j-1.3.1.jar:na]
at pl.comp.kbf.services.ejb.repository.pki.DigitalSignVerifierServiceImpl.verifyFileSignature(DigitalSignVerifierServiceImpl.java:95) ~[KBFPortalEJB.jar/:na]
at pl.comp.kbf.services.ejb.repository.pki.DigitalSignVerifierServiceImpl$Proxy$_$$_WeldClientProxy.verifyFileSignature(Unknown Source) [KBFPortalEJB.jar/:na]
at pl.comp.kbf.portal.documents.registered.FileSignatureBean.verifyXadesSignature(FileSignatureBean.java:210) [FileSignatureBean.class:na]
at pl.comp.kbf.portal.documents.registered.FileSignatureBean.verifySignature(FileSignatureBean.java:174) [FileSignatureBean.class:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_75]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_75]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_75]
at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_75]
at com.sun.el.parser.AstValue.invoke(AstValue.java:289) [javax.el.jar:3.0.1-b03]
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304) [javax.el.jar:3.0.1-b03]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-osgi-bundle.jar:2014-06-18 10:59]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-osgi-bundle.jar:2014-06-18 10:59]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [javax.faces.jar:2.2.7]
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) [javax.faces.jar:2.2.7]
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) [javax.faces.jar:2.2.7]
at javax.faces.component.UICommand.broadcast(UICommand.java:315) [javax.faces.jar:2.2.7]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790) [javax.faces.jar:2.2.7]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282) [javax.faces.jar:2.2.7]
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [javax.faces.jar:2.2.7]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [javax.faces.jar:2.2.7]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198) [javax.faces.jar:2.2.7]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646) [javax.faces.jar:2.2.7]
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1682) [web-core.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:344) [web-core.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [web-core.jar:na]
at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:105) [primefaces-5.1.jar:5.1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) [web-core.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [web-core.jar:na]
at org.ocpsoft.rewrite.servlet.RewriteFilter.doFilter(RewriteFilter.java:205) [rewrite-servlet-2.0.12.Final.jar:2.0.12.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) [web-core.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.doInvoke(ApplicationDispatcher.java:873) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:739) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:575) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.doDispatch(ApplicationDispatcher.java:546) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.dispatch(ApplicationDispatcher.java:428) [web-core.jar:na]
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:378) [web-core.jar:na]
at org.ocpsoft.rewrite.servlet.impl.HttpRewriteResultHandler.handleResult(HttpRewriteResultHandler.java:41) [rewrite-servlet-2.0.12.Final.jar:2.0.12.Final]
at org.ocpsoft.rewrite.servlet.RewriteFilter.rewrite(RewriteFilter.java:268) [rewrite-servlet-2.0.12.Final.jar:2.0.12.Final]
at org.ocpsoft.rewrite.servlet.RewriteFilter.doFilter(RewriteFilter.java:188) [rewrite-servlet-2.0.12.Final.jar:2.0.12.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) [web-core.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [web-core.jar:na]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316) [web-core.jar:na]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160) [web-core.jar:na]
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734) [web-core.jar:na]
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673) [web-core.jar:na]
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99) [web-glue.jar:na]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174) [web-core.jar:na]
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:415) [web-core.jar:na]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:282) [web-core.jar:na]
at com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459) [kernel.jar:na]
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167) [kernel.jar:na]
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:201) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:175) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:561) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:565) [nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:545) [nucleus-grizzly-all.jar:na]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) ~[na:1.7.0_75]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) ~[na:1.7.0_75]
at xades4j.providers.impl.PKIXCertificateValidationProvider.validate(PKIXCertificateValidationProvider.java:253) ~[xades4j-1.3.1.jar:na]
... 70 common frames omitted
Я знаю, что подпись, которая 2.pdf
подписания истек, но я хочу, чтобы проверить, все без исключения ... Когда я проверить не истек 1.docx
в моей Aplication проверка успешна. Также я пытаюсь проверить оба файла онлайн, и в двух случаях проверка прошла успешно. Ниже я хочу показать цепочку сертификатов в двух файлах.
В первом файле я положил один .cer
файл Java и хранилища ключей я загрузить этот файл Cert магазина. Во втором файле я помещаю два файла .cer
, первый и второй элемент цепочки. Где моя проблема?
Но когда я изменить дату на компьютере, ошибка стил существует ... – karoluch
Я отредактировал мой ответ. Есть ли временная метка подписи? – lgoncalves
думаю нет. Ниже я опубликовал код подписи xml – karoluch