You use certification to protect a form from unauthorized changes by adding information to it about its origin (author). A valid certificate proves that the form has not been changed.
As the author or sender of a form, you certify the form layout, but not the data contained in the form. This means that entries can be made in certified forms. When you certify a form, you can also specify which changes the recipient is allowed to make. If you receive a completed, certified form, you can check whether this is the certified version or if it has been manipulated.
The application can implement the certification of a form either on the server side or on the client side. When a certification is checked, you are told whether it is valid for the form or not.
If you want to protect the data included in your form, you must sign the form after the certification.
Client-side and server-side certification have the following prerequisites:
Client-side and server-side certification
The form must be interactive.
The form developer must have created a signature field in the layout of the form.
This field can be set so that it is invisible on the form later.
More information: Online help for Adobe LiveCycle Designer
Client-side certification
To certify a form personally, or to check a certified form, you require the following on your PC:
Adobe Acrobat software
No further measures (plug-ins) are required on the recipient side or end-user side to open a certified form in Adobe Reader or Adobe Acrobat.
More information: SAP Note 834573
Required certificates
More information: Online help for Adobe Acrobat
Server-side certification
You must make the following settings in the J2EE Engine:
The necessary certificates, which consist of private keys (credentials) and public keys, are installed and configured for Adobe Document Services. These are all certificates used to certify and check forms.
The Certificate Revocation Lists have been defined for Adobe Document Services.
SSL connections have been set for all required communication paths.
More information: Adobe Document Services Configuration Guide
Certifying a Form on the Server Side
Select the certificate you want to add to the form.
In some cases the application may select the certificate automatically; this means that you, the end user, do not need to access the certificates.
Specify the permitted change options.
When you certify a form, you can specify which changes can be made to the form by the recipient without invalidating the certification. You can specify the following:
None
No more entries can be made in the form. The recipient cannot make any changes. This also means that he or she cannot sign the form.
FormFields
The recipient can make entries in the relevant form fields (default setting).
FormFieldsAndComments
The recipient can make entries in the relevant form fields and add comments.
When you insert comments, you can use the full range of options available in Adobe Acrobat or Adobe Reader. For more information about inserting comments, see the online help for Adobe Acrobat or Adobe Reader. To insert comments or enter information in a form in Adobe Reader, appropriate Reader usage rights must be specified for the form. Interactive forms created in the Web Dynpro development environment automatically have Reader usage rights.
Optional (recommended for application developers): If the form contains dynamic elements such as JavaScript, enter a message text (legal attestation) to inform the form recipient about the certification when they open the form.
Certifying a Form on the Client Side
Use Adobe Acrobat to certify a form personally using your own certificates.
A dialog box instructs you to select a certificate. You are informed if your form contains any dynamic elements, such as JavaScript. Ensure that these elements do not have any potentially negative or dangerous effects for form recipients. You have the option of specifying a message text, for example: "This form contains JavaScript. This does not have any negative effects on your application".
Checking Certification
Server-side check
As well as information about the validity of the certification, the application can also provide you with information about the certificate owner and other status information about the certification, if this is implemented.
Client-side check by end user
You can display information about the certificate and its validity in Adobe Acrobat or Adobe Reader.
More information:
Invalid Certification of a Form
Online help for Adobe Acrobat or Adobe Reader
An authority provides certified forms for downloading on the Internet or sends certified forms by e-mail.
A form can contain existing data, such as the name and address of the recipient. The certificate and other previously defined usage rights are attached to the form automatically. The recipient receives the form and sees that the form is certified, either in a form field or on the Acrobat or Reader interface. The recipient fills out the required form fields and signs the form. The recipient then sends the form back to the authority. The certification of the incoming form, and its signature, are checked before it is processed further in the system or by a person.