How to digitally sign a PDF using Acrobat reader and some Tools

November 8, 2014

Did you know you can digitally sign any PDF document using Adobe Reader and a self signed certificate.

First of all you need to get the tools to create a certificate :

  • signcode.exe
  • makecert.exe
  • cert2spc.exe
  • pvk2pfx.exe

These files are part of the MS SDK KIT and or not allowed to be distributed !

But you can find a download here :

http://www.kastaban.de/cert4me/MAKE_MY_CERT_FILE.zip

Next run the MAKE_MY_CERT_FILE.CMD file

@echo off
setlocal
if “%~1″==”” goto INFO
if “%~2″==”” goto INFO
set WORKINGDIR=%~dp0
IF %WORKINGDIR:~-1%==\ SET WORKINGDIR=%WORKINGDIR:~0,-1%
set KEYDIR=%WORKINGDIR%\keys
if not exist %KEYDIR% md %KEYDIR%
set CERTIFICATE_PASSWORD=%2

%WORKINGDIR%\makecert -r -n “CN=%1” -b 01/01/2013 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.3 -sv %KEYDIR%\%1_cert.pvk %KEYDIR%\%1_cert.cer
%WORKINGDIR%\cert2spc %KEYDIR%\%1_cert.cer %KEYDIR%\%1_cert.spc
%WORKINGDIR%\pvk2pfx.exe -pvk %KEYDIR%\%1_cert.pvk -pi %CERTIFICATE_PASSWORD% -spc %KEYDIR%\%1_cert.spc -pfx %KEYDIR%\%1_cert.pfx -po %CERTIFICATE_PASSWORD%

goto END
:INFO
echo.
echo.
echo Please start me with:
echo %~nx0 ARG1 ARG2
echo.
echo ARG1=FileName of Certificate
echo ARG2=Password of key (always use the sam ein the run!)
echo.
goto END

:END
endlocal

And run it with 2 arguments

image

Example certificate name Audministrator and Test as password

image

You will have to re-enter the password again.

image

After this these are the certificate files that will be created.

image

OK so now you have the certificate you are ready to sign PDF documents Smile

image

When selecting Sign with Certificate

image

Drag a rectangle in your PDF document.

image

Select the certificate you created, and don’t forget to Lock the document after signing

image

Select the certificate you created before.

image

image

image

It will ask you to save the PDF, best use a new name.

image

After that the signature is in the PDF and you can check the properties by clicking on it.

image

Here’s is the how to movie on how to do a bit more

http://tv.adobe.com/watch/acrobat-x/how-to-digitally-sign-a-document-with-adobe-reader/

Enjoy !


Server Down, RAID 5 failing – life saver !

November 5, 2014

Recently I saw that my ClustrMap was not showing up in my blog ?

image

Next thing when I clicked the link I got redirect to this page.

http://blog.clustrmaps.com/2014/11/01/www3-clustrmaps-com-server-down/

SUMMARY: Major disk crash affects maps on www3.clustrmaps.com; a very lengthy (several days) recovery procedure is underway using reliable backups. The original post and updates below are in chronological order, so the latest updates are at the bottom.

[Original post]: We received an alert at 10:15 GMT 1st November 2014 that one of our servers (www3.clustrmaps.com) was not responding. The means that anyone who has a map on that server (you can tell because the link to your big map begins with www3….) will be experiencing a data outage during this period [no visitor counting], for which we apologise. Our hosting provider (SoftLayer.com) is ‘on the case’, and it looks like there is a problem with the RAID disk array that requires a disk swap and rebuild. This normally takes a good few hours, but additionally it has taken some extra time to locate the fault. Please return to (and refresh) this blog posting for updates. Many thanks for your patience and understanding.
-The ClustrMaps Team

Explaining they had a server down for several days, because of a failing RAID 5 !?

Well if you thought RAID 5 was there for reliability I can tell you are wrong !

I had a similar surprising incident myself a couple of year ago.

Luckily for me I was able to escape the disaster dance like this :

Solution :

1. First try to replace a failing disk as normal in a RAID 5. Which should start rebuilding automatically.

2. In my case it failed, because of a bad sector on one of the 2 remaining disk Sad smile

Pull out 1 of the failing disks, wait a bit and try again.

3. If it Fails again to rebuild. Power down the server.

Pull out all of the disks that belong to the faulty Logical drive (not the other ones).

4. Restart the server without the disks. This will clear the ARRAY controller ROM RAID configuration.

5. Start putting in the disks again, and the server will start to a new RAID configuration, based on the ROM data that is on the old Disk ! Smile

6. If this still does not work Sad smile

Shut down the server. Remove all disks and delete the ARRAY config.

Add brand new disks in the server. Restart the server and create a new exact ARRAY config from scratch.

7. Stop the server again. Pull out the new disks and put back the old disks.

Start the server again.

This should start the rebuild without a problem.

Because the RAID controller cache had now being fully cleared.

This little trick saved my day back then ! Smile Smile

PS : in case it still does not work try first to do a firmware upgrade for the RAID controller. And start again as of step 6

In case all of these did not work, you are unfortunately in the same position as the guys from ClustrMap.

And you need to rebuild the server from scratch.

Install the OS software next the backup software, and do a restore.

Will take you a long time.


PowerShell using Windows Script Component

November 3, 2014

Windows Script Component (WSC) goes a long way back. This technique is almost 15 years old, dating from Windows 2000.

But you can still use it, even by the latest Powershell version. Smile

Find here more information about what WSC is.

In short WSC gives you the possibility to create COM objects on the fly. Which you can register as normal COM objects exposing you methods and properties.

image

As you can see the WSC files show up with different Icon. If you right click it you see extra shortcut menu’s.

image

Register will register you COM object in the registry if you filled up the WSC file with the proper XML sections. The same as you would use the regsvr32.exe command line tool.

Or you can just run functions as is, without registering.

WSC supports VBScript / JScript and PerlScript.

Let’s give an example on how to access the object from within PS.

1. Create a simple WSC file.

image

<?xml version=”1.0″?>
<component id=”mywsc”>
<public>
<method name=”test”/>
</public>

<script language=”VBScript”>
<![CDATA[

Sub test(text)
msgbox text
End Sub

]]>
</script>
</component>

 

This simple example will display a Message Box with a text as parameter, when invoked using PS.

image

You need to use the .Net [system.runtime.interopservices.marshal]::BindToMoniker to connect to the WSC object.

As you can see I use the following prefix syntax “script:…” in order to call the WSC object on the fly.

This will avoid you to register the COM object on your system. Which makes it extremely flexible. You can now adjust the WSC code on the fly and run it. As well as copy it on multiple machines without any admin overhead.

The InvokeMember has 5 parameters, which explain themselves :

1. “Test” is the name of the WSC VBScript function to call.

2. $im holds the BindingFlags method

3. Not used

4. Variable that holds the references to the WSC Object

5. Used to send across the Parameter(s) to the WSC function.

Here is the full code with some helper calls in between.

 

CLS

$test = [system.runtime.interopservices.marshal]::BindToMoniker("script:C:\_\Apps\_PowerShell\_Advanced Examples\_WSC Examples\Test.wsc")

$isObj = [system.runtime.interopservices.marshal]::IsComObject($test)

write-host $isObj

Write-host " "

Write-host "Get-Type" 

$test.GetType()

$param = "Hello World ! -&gt; From PowerShell to WSC"

$im = [System.Reflection.BindingFlags]::InvokeMethod

$test.GetType().psobject.BaseObject.InvokeMember("test", $im, $null, $test, $param)

$ret1 = [System.Runtime.InteropServices.Marshal]::GetIDispatchForObject($test)

$ret2 = [System.Runtime.InteropServices.Marshal]::GetIUnknownForObject($test)

$uObj = [System.Runtime.InteropServices.Marshal]::GetUniqueObjectForIUnknown($ret2)

$Obj = [System.Runtime.InteropServices.Marshal]::GetObjectForIUnknown($ret2) # refers back to $WSC COM object returns the GUID

write-host " "

#[System.Runtime.InteropServices.Marshal]::Release($test)
[System.Runtime.Interopservices.Marshal]::ReleaseComObject($test)

write-host "5. "  $ret1 $ret2 $uObj $obj

write-host " "

[System.Runtime.InteropServices.Marshal]::AreComObjectsAvailableForCleanup()

write-host " "

[System.Runtime.InteropServices.Marshal]::GetLastWin32Error()

rv test, im, param, isObj, ret1, ret2, uobj, obj

[System.GC]::Collect()

Enjoy!