PDF Digital Signer

Content Type: Module
Categories: Utility,Data

Overview

The PDF Digital Signer allows you to cryptographically seal PDF documents using a .pfx or .p12 certificate (Private Key).

Why use this module? Standard PDF generation often lacks security layers. With this module, you ensure Data Integrity: any modification to the document after signing will immediately invalidate the signature, triggering a warning in PDF readers like Adobe Acrobat.

Key Features:

  • Cryptographic Security: Signs documents using PKCS#12 certificates.
  • Tamper Proof: Verifies that the document has not been altered since creation.
  • Standard Compliance: Implements PAdES (PDF Advanced Electronic Signatures) standards via Apache PDFBox.
  • Visual & Metadata: Adds both a visual signature block and the underlying metadata.

Dependencies: This module is lightweight but requires the following standard Mendix modules to function (for libraries):

  1. Community Commons (for Apache PDFBox)
  2. Encryption (for Bouncy Castle crypto libraries)

How to use: The module includes a complete example implementation (DocumentSignPDF). simply upload your .pfx certificate via the included snippets, map your document, and call the Java Action.

Documentation

## Description

Securely seal your documents with cryptographic digital signatures. This module allows you to add a valid Digital Signature to PDF documents generated within your Mendix application using a PFX certificate.

 

## Typical Usage Scenario

Used in applications where document integrity is legally or operationally critical, such as:

* Signing contracts or agreements.

* Generating tamper-proof invoices.

* Official certifications or reports.

 

## Features and Limitations

* **Cryptographic Signing:** Uses .pfx or .p12 certificates containing a private key.

* **Integrity Check:** Guarantees the document has not been altered since signing.

* **Standard Compliance:** Uses the PAdES (PDF Advanced Electronic Signatures) standard.

* **Limitation:** This module does not provide a visual UI for "drawing" a signature; it is a backend cryptographic operation.

 

## Dependencies

This module relies on libraries provided by standard Mendix modules. **You must install these from the Marketplace:**

1. **Community Commons:** Provides the Apache PDFBox library.

2. **Encryption:** Provides the Bouncy Castle libraries (`bcprov` and `bcpkix`).

 

## Installation & Configuration

1. Download and install the **Community Commons** and **Encryption** modules.

2. Synchronize your App Directory (F4).

3. **Crucial:** Check your `userlib` folder. Ensure you do NOT have conflicting versions of Bouncy Castle (e.g., mixing `jdk15on` with `jdk18on`). Standardize on the versions provided by the Encryption module.

 

## How to use

1. Use the microflow `ACT_PFXCertificate_NewEdit` to upload your .pfx certificate.

2. In your document generation logic, call the `SignPDF` Java Action.

3. Map the `UnsignedPDF` (Input), `CertificateFile` (PFX), `Password`, and create a new `OutputPDF` object for the result.

 

## Troubleshooting

* **`java.lang.NoSuchFieldError`**: You have a JAR version conflict in your `userlib`. Remove older Bouncy Castle JARs and clean your deployment directory.

* **`Keystore password was incorrect`**: Check for trailing spaces in your password constant or verify the PFX file.

Releases

Version: 1.0.0
Framework Version: 10.24.10
Release Notes:

First release of PDF Digital Signer, created on Mx 10.24.10