I'm not familar with PKI. I wonder if there is a certificate which supports PDF signature & Apache wildcard server. I mean, from which CA to request such a certificate to authorize my SignServer, then all certificates issued by my SignServer will be trusted globally.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I am not aware of any publicly trusted CA that issues certificates that are both for SSL/TLS server certificates and document signing and at the same time also trusted both in the web browsers and in PDF readers. I would imagine the requirements from the web browser root programs and probably also Adobe's root program would prohibit that combination.
On the other hand I am not sure why you would like to have one certificate for this two different usages? Normally you would have one private key and corresponding certificate for the web server and a different private key and certificate for PDF signing.
Those certificates you would request individually from any publicly trusted CA that issues certifiates of that type.
Cheers,
Markus
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm not familar with PKI. I wonder if there is a certificate which supports PDF signature & Apache wildcard server. I mean, from which CA to request such a certificate to authorize my SignServer, then all certificates issued by my SignServer will be trusted globally.
Hi winofchina,
I am not aware of any publicly trusted CA that issues certificates that are both for SSL/TLS server certificates and document signing and at the same time also trusted both in the web browsers and in PDF readers. I would imagine the requirements from the web browser root programs and probably also Adobe's root program would prohibit that combination.
On the other hand I am not sure why you would like to have one certificate for this two different usages? Normally you would have one private key and corresponding certificate for the web server and a different private key and certificate for PDF signing.
Those certificates you would request individually from any publicly trusted CA that issues certifiates of that type.
Cheers,
Markus