x509 Certification and Vaadin, how?

Hi everyone,

Brazilians citizens can buy a smartcard which contains his digital signature inside an x509 certificate (A3). (every country has that, I think).

In our application, we need to provide an support to sign some PDFs without installing anything in client`s computer.

How can we achieve that with Vaadin? Just click on a button, then the digital certificate is requested, then signing that file…

There`s anyway to get this with Vaadin?


It shouldn’t be possible, since vaadin is a server-side based framework (and You really don’t want to send private key to the server). When we needed such functionality, we implemented it by calling hidden applet on the page, that does signing and sends result back to vaadin. I remember there were some beta versions of pure js solutions at that moment, but don’t have experience with them.

Do you have some snippet or opensource project to help me?

Thanks :slight_smile:

Unfortunately, no, the code belongs to our customer.
But the general idea: for signing, we were using an applet from card service provider, for communication with it - javascript. Imho, the first step would be to find such applet that works in a static page (usually card providers can help since they know what works with their cards) and then check its api and integrate with vaadin. Also note, that this will require java installed on client PC.

Thank you for your answer :).

There`s someway to use digital signatures without JRE installed on client? Thanks :slight_smile:

I don’t know any reliable solution. There are some pure-js solutions, but never used (by us) in real application. CAPICOM (now deprecated) is an option, but works only in Windows; there are flash-based options, but of course, they require flash. And in general, these type of tasks shouldn’t be easy or transparent (from user PoV) since can be very dangerous.