I'm trying to digitally sign a pdf generated on the server from a web application. I've read through the doco but its pretty sketcky in this area.

The code below works but the pdf displays a warning:

"The validity of the document sertification is Unknown. The Author could not be verified."

The server certificate is issued by digicert and works in browser with no issues.

Dim cert As Certificate = New Certificate("C:\\projects\\certs\\xxx.pfx", "pfmpfm")
Dim pdfSign As PdfFileSignature = New PdfFileSignature(cert)
pdfSign.SignModel = PdfFileSignature.WINDOWCERTIFICATE
pdfSign.BindPdf(inStream)
pdfSign.CertificationLevel = PdfFileSignature.CERTIFIED_NO_CHANGES_ALLOWED
pdfSign.Sign(2, "Insert Reason Here", "XXXXX", "YYYYY", False, Nothing)
pdfSign.Save(outStream)

Questions:

1. Is the above code correct?

2. IS there anyway of avoiding the warning above or is this purely a ca root trust issue

3. What is role of the verisign certifcate type?

Hi,

Thank you for considering Aspose.

1. The code is quite right.

2. The warnning message would be raised by a viewer tools without any trust to the certificate. You need to config  your viewer tools to make the certificate to be trusted, to avoid the warnning.

3. The role rest with that what type of the certificate a user owns and with that the security policy used in a system. Aspose.Pdf.Kit only implements the technical mechanism to sign&verisign a PDF document with a digital certificate.

Thanks,