Secure Acceptance Confirmation

LiveCycle ES2 Product Sample

Overview of the sample
Prerequisites for the sample
Files needed for the sample
Deploying the sample
Configuring the sample
Running the sample
Next steps
Legal disclaimer

Overview of the sample

The Secure Acceptance Confirmation sample demonstrates the incorporation of digital signatures within a more complex process. The sample takes a form as input from a watched folder, enables policies for the form and certifies it. The process invokes the subprocess called Verify Signature Status to verify the signature and, depending on the validity of the checks, creates either a secure and certified form or a rejection letter. The output is put in the watched folder.

Prerequisites for the sample

1. For the sample was updated based on LiveCycle ES2 Service Pack1, so please ensure that Service Pack1 has been applied to your LiveCycle ES2.
2. Deploy and run the Sample Setup Utility.
3. Download the sample certificate for LiveCycle Reader Extensions ES2. This certificate is available at: http://www.adobe.com/go/reader_ext_cert.

Files needed for the sample

Deploying the sample

Tip: To deploy multiple samples, use the Samples Deploy Utility.

Note: These instructions assume that LiveCycle ES2 is installed on the C: drive on Microsoft Windows, if you have installed to a different location, substitute the directory where you installed LiveCycle ES2.

1. Check to see if the following folders exist on the server when LiveCycle is install, if they do exist, delete them before proceeding.
   
   

   Windows	C:\tmp\LCSamples\WatchedFolder\SecureAcceptanceConfirmation
   Unix	/tmp/LCSamples/WatchedFolder/SecureAcceptanceConfirmation

   
   
2. Log in to LiveCycle Administration Console (http://[hostname]:[port]/adminui).
3. Click Services > Applications and Services > Application Management.
4. Click the LiveCycle Applications(9.x) tab and click Import.
5. Click Browse to locate the sample LiveCycle ES2 archive (LCA) file Adobe-Samples-Application-SecureAcceptanceConfirmation.lca, and then click Preview.
6. Select Deploy assets to runtime when import is complete and click Import.

Configuring the sample

Note: Before configuring and running this sample, it is necessary to deploy and run the Sample Setup Utility.

Configure SSL:

If SSL is installed during installation, ignore this section. To configure SSL follow the instructions detailed in the LiveCycle Administration Console Help.

Configure Rights Management:

1. Log in to LiveCycle Administration Console (http://hostname:port/adminui).
2. Click Services > LiveCycle Rights Management ES2 > Configuration > Server Configuration.
3. Configure Base URL of the settings, the base url should contain the server name and port. For example, https://[machine_name][domain_name]\:\[port_number], where [domain_name] is the fully qualified domain name of the server and [port_number] by default is 8443. In this example, the base URL could be: https://lcserver.mycompany.com:8443.
4. Leave all other properties of the setting as default value, and click OK to finish the server configuration settings.

Install the server certificate using Internet Explorer:

1. On the LiveCycle server, open the web browser and type the base URL for Rights Management ES2 in the Address field. For example, https://lcserver.mycompany.com:8443, same as the base URL in the step above. A Security Alert dialog box appears.
2. Click View Certificate, and then click Install Certificate and select the defaults for installation. The certificate needs to be installed in the Trusted Root certification Authorities.
3. Close your browser session.
4. Open another browser window and type the same URL in the Address field. A Security Alert dialog should not appear. This test confirms that the certificate is properly installed.

Configure Credentials:

In the following steps, you need a credential file:

• generic Reader Extensions credential - available for download from http://www.adobe.com/go/reader_ext_cert. The zip file includes a .pfx file and a text file with the password. Save these on your local machine.

1. Log in to LiveCycle Administration Console (http://[hostname]:[port]/adminui).
2. Click Home > Settings > Trust Store Management > Local Credentials.
3. Click Import and on the Import Credential page specify this information:
• Trust Store Type: Reader Extensions Credential
• Alias: SampleReaderExtensionsCredential
• Credential: the pfx file located in the zip file downloaded from http://www.adobe.com/go/reader_ext_cert.
• Password: password is in the text file located in the zip file downloaded from http://www.adobe.com/go/reader_ext_cert.
4. Click OK to import the credential. 
5. On the Home page of Administration Console,click Services > LiveCycle Rights Management ES2 > Policies, on the Policy Sets tab click Global Policy Set to step to Edit Policy Set. On the Policies tab, select Restrict to All Principals, and then click Enable to enable the policy, click OK to finish.
6. Log in to Workbench ES2.
7. If Samples - Secure Acceptance Confirmation does not show in the Applications view, click File > Get Application..., and choose Samples - Secure Acceptance Confirmation> Samples - Secure Acceptance Confirmation /1.0 from the application list to import the application to Workbench ES2.
8. In the Applications view, click Samples - Secure Acceptance Confirmation> Samples - Secure Acceptance Confirmation /1.0 > Processes > Secure Acceptance Confirmation. To check out the process, right-click Secure Acceptance Confirmation and select Check Out. To edit the process, right-click Secure Acceptance Confirmation and select Open.
9. Double-click the Certify Document with SampleKey activity to open its properties sheet. Click Common > Certifying Credential > Alias and select JOHNJACOBS in the list.
10. Double-click the Enable Form for Basic Form Fill-in and Import/Export activity to open its properties sheet. Click Input > Credential Alias and select SAMPLEREADEREXTENSIONSCREDENTIAL in the list.
11. Double-click the Restrict Document to 'All Principals' activity to open its properties sheet. In Input category, in Policy Set select Global Policy Set in the list, in Policy select Restrict to All Principals in the list, and in Domain select DefaultDom in the list.
12. To save the process, select File > Save.
13. In the Applications view, select Samples - Secure Acceptance Confirmation > Samples - Secure Acceptance Confirmation/1.0. To check in the application, right-click Samples - Secure Acceptance Confirmation/1.0 and select Check In. To deploy the application, right-click Samples - Secure Acceptance Confirmation/1.0 and select Deploy.

Configure Digest Hashing Algorithm:

If you are using Adobe Reader 7.0.9, complete the following steps. If you are using Acrobat or Adobe Reader later than version 7.0.9, you can skip these steps.

1. Log in to Workbench ES2.
2. In the Applications view, click Samples - Secure Acceptance Confirmation> Samples - Secure Acceptance Confirmation /1.0 > Processes > Secure Acceptance Confirmation. To check out the process, right-click Secure Acceptance Confirmation and select Check Out. To edit the process, right-click Secure Acceptance Confirmation and select Open.
3. Double-click the Certify Document with SampleKey activity to open its properties sheet. Click All in the upper right-hand corner of the properties sheet and expand the Common section.
4. In the Digest Hashing Algorithm box, select SHA1 from the list.
5. To save the process, select File > Save.
6. In the Applications view, select Samples - Secure Acceptance Confirmation > Samples - Secure Acceptance Confirmation/1.0. To check in the process, right-click Samples - Secure Acceptance Confirmation/1.0 and select Check In. To deploy the application, right-click Samples - Secure Acceptance Confirmation/1.0 and select Deploy.. 

Running the sample

1. Copy the PDF SampleToSign.pdf to the watched folder's input directory, the default location isC:\tmp\LCSamples\watchedFolder\SecureAcceptanceConfirmation\input for Windows and /tmp/LCSamples/WatchedFolder/SecureAcceptanceConfirmation/input for Unix. The sample PDF is located in the folder collateral within the ZIP file Adobe-Samples-Application-SecureAcceptanceConfirmation.zip.
2. The output PDF file output.pdf is saved to the result directory for the watched folder. The default location is C:\tmp\LCSamples\WatchedFolder\SecureAcceptanceConfirmation\result\yyyy\mm\dd\ for Windows and /tmp/LCSamples/WatchedFolder/SecureAcceptanceConfirmation/result/yyyy/mm/dd/ for Unix.
3. Open the output PDF file, on the Security Warning dialog, click Allow (If Acrobat X used, there is no Security Warning dialog ). Log In, enter the username and password using the username/password=jjacobs/password (or other users within the domains of LiveCycle), click OK, and the click Yes, on the View secure documents offline? dialog.
   

Troubleshooting: An error that relates to http protocol, means the SSL or Rights Management is not setup correctly, refer to SSL document or Rights Management document to configure correctly.

Note: If you look into the signature field signed by John Jacobs, you will find the validity is UNKNOWN. This is because the certificate is a self-signed certificate that is not trusted by Acrobat/Adobe Reader.

Next steps

Try making the following changes to the process:

• Use a different form type.
• Change the usage rights.
• Use a different policy for the document.
• Use a different certificate.
• Add a third signature to the document and change the process to verify it.

Legal disclaimer

Any references to company names, company logos and user names in sample material or sample forms included in this documentation and/or software are for demonstration purposes only and are not intended to refer to any actual organization or persons.

LiveCycle ES2 Product Sample - Secure Acceptance Confirmation - 06/21/2011 2:48 PM
LiveCycle ES2 (9.0.0.2) - September 2010