Classic ASP
Classic ASP
Sign PDF using ARSS (Aruba Remote Signing Service)
See more Signing in the Cloud Examples
Demonstrates how to digitally sign a PDF using the Aruba Remote Signing Service (ARSS).
The example loads a local PDF and certificate, configures the ARSS cloud signer credentials,
specifies the OTP authentication type with typeOtpAuth, and creates an
LTV-enabled signed PDF where the private key remains protected on the Aruba signing server.
Chilkat Classic ASP Downloads
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0
' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
set pdf = Server.CreateObject("Chilkat.Pdf")
' Load the PDF that will be digitally signed.
success = pdf.LoadFile("qa_data/pdf/hello.pdf")
If (success = 0) Then
Response.Write "<pre>" & Server.HTMLEncode( pdf.LastErrorText) & "</pre>"
Response.End
End If
' Signing options are specified in a JSON object.
set json = Server.CreateObject("Chilkat.JsonObject")
' Enable LTV (Long-Term Validation).
' When ltvOcsp is true, OCSP validation information is embedded in the PDF
' so that signature validation can continue to succeed in the future,
' even if the original OCSP responder is no longer available.
success = json.UpdateBool("ltvOcsp",1)
' Specify the visual appearance of the signature on the PDF page.
success = json.UpdateInt("page",1)
success = json.UpdateString("appearance.y","top")
success = json.UpdateString("appearance.x","left")
success = json.UpdateString("appearance.fontScale","10.0")
' Text lines displayed in the visible signature appearance.
' Special values such as "cert_cn" and "current_dt" are replaced
' with the certificate common name and current date/time.
success = json.UpdateString("appearance.text[0]","Digitally signed by: cert_cn")
success = json.UpdateString("appearance.text[1]","current_dt")
success = json.UpdateString("appearance.text[2]","This is an LTV-enabled signature.")
' Load the signing certificate.
'
' The private key is NOT stored locally. Instead, the private key is
' stored and protected on the Aruba Remote Signing Service (ARSS).
'
' Even though the signing operation will occur remotely, Chilkat still
' needs the corresponding public certificate locally so that it can
' construct the CMS/PAdES signature and embed the certificate chain
' in the signed PDF.
set cert = Server.CreateObject("Chilkat.Cert")
success = cert.LoadFromFile("qa_data/certs/myCert.cer")
If (success = 0) Then
Response.Write "<pre>" & Server.HTMLEncode( cert.LastErrorText) & "</pre>"
Response.End
End If
' Configure Aruba Remote Signing Service (ARSS) credentials.
'
' When SetCloudSigner is called, Chilkat is instructed to perform
' cryptographic signing operations through the ARSS web service.
' The PDF is assembled locally, but the actual RSA signature operation
' is performed remotely using the private key held by Aruba.
set jsonArss = Server.CreateObject("Chilkat.JsonObject")
' Required. Indicates that the cloud signing provider is ARSS.
success = jsonArss.UpdateString("service","ARSS")
' The ARSS certificate identifier (for example, "AS0").
' This identifies which remote certificate/private key pair should be used.
' The remote certificate should correspond to the certificate loaded above.
success = jsonArss.UpdateString("certID","YOUR_ARSS_CERT_ID")
' OTP password associated with the Aruba remote-signing account.
' Depending on the ARSS configuration, an OTP may be required to
' authorize each signing operation.
success = jsonArss.UpdateString("otpPwd","YOUR_OTP_PWD")
' Specifies the OTP authentication environment.
'
' Common values are:
' "demoprod" - Demo/Test environment
' "prod" - Production environment
'
' This value is sent to the ARSS service and determines how the OTP
' authentication is validated. The correct value depends on the type
' of Aruba account and environment that has been provisioned.
'
' If signing fails with an authentication-related error, verify that
' the typeOtpAuth value matches the environment associated with the
' ARSS account credentials being used.
success = jsonArss.UpdateString("typeOtpAuth","demoprod")
' ARSS account username.
success = jsonArss.UpdateString("user","YOUR_ARSS_USERNAME")
' ARSS account password.
success = jsonArss.UpdateString("userPWD","YOUR_ARSS_PASSWORD")
' Beginning with Chilkat v11.5.0, the ARSS endpoint can be explicitly
' specified. This allows the application to target a particular
' Aruba signing service endpoint when required.
success = jsonArss.UpdateString("endpoint","https://app1.firma-remota.it/ArubaSignerService/webresources/signerservice")
success = cert.SetCloudSigner(jsonArss)
If (success = 0) Then
Response.Write "<pre>" & Server.HTMLEncode( cert.LastErrorText) & "</pre>"
Response.End
End If
' Associate the certificate with the PDF object.
' All subsequent signing operations will use this certificate.
success = pdf.SetSigningCert(cert)
If (success = 0) Then
Response.Write "<pre>" & Server.HTMLEncode( pdf.LastErrorText) & "</pre>"
Response.End
End If
' Create the signed PDF.
'
' Chilkat performs all PDF processing locally. When the time comes
' to generate the cryptographic signature value, Chilkat sends the
' hash to ARSS, which signs it using the remote private key and returns
' the signature. The private key never leaves the Aruba service.
success = pdf.SignPdf(json,"qa_output/hello_ltv_signed.pdf")
If (success = 0) Then
Response.Write "<pre>" & Server.HTMLEncode( pdf.LastErrorText) & "</pre>"
Response.End
End If
Response.Write "<pre>" & Server.HTMLEncode( "The PDF has been successfully cryptographically signed with long-term validation.") & "</pre>"
%>
</body>
</html>