The certification is always linked to the author of a document, which is why it is also known as the author signature. The certificate attached to the form gives the recipient information about the origin of the form; if the certificate is valid, the recipient can be sure that the form has not been changed illegally after it was certified. As the author or sender of a form, you certify the form layout. Any data in form fields in the form is not certified. This gives you the advantage of sending certified forms that can be filled out by the recipient. When you certify a form as the author, you can also specify which changes the recipient is allowed to make. Once the recipient has entered the required information in the form and sent it back to you, you can check whether the certification of your form is still valid, and hence identify any illegal changes. If you want to protect the data included in your form, you must sign the form after the certification.
The application can implement the certification of a form either on the client side or on the server side.
When a certification is checked, you are told whether it is valid for the form or not. For more information, see Invalid Certification.
See the section Integration in Form Certification and Digital Signatures.
Client-side certification and server-side certification have some common prerequisites, but there are also some differences:
· Client-side and server-side certification
¡ The form must be interactive.
¡ The form developer must have created a signature field in the layout of the form.
This field can be set so that it is invisible on the form later. For a description of this, see the online help for Adobe LiveCycle Designer.
· Client-side certification
To certify a form personally, or to check a certified form, you require the following on your PC:
¡ Adobe Acrobat software
No further measures (plug-ins) are required on the recipient side or end user side to open a certified form in Adobe Reader or Adobe Acrobat. For up-to-date information about the required Adobe Acrobat version, see SAP Note 834573.
¡
The
necessary certificates installed on your PC
For more information, see the online help for Adobe Acrobat.
· Server-side certification
You must make the following settings in the J2EE Engine:
¡ The necessary certificates, which consist of private keys (credentials) and public keys, are installed and configured for Adobe Document Services. These are all certificates used to certify and check forms.
¡ The Certificate Revocation Lists have been defined for Adobe document services.
¡ SSL connections have been set for all required communication paths.
For more information, see the Adobe Document Services Configuration Guide (in English only).
You can certify and check a form on both the server-side and the client-side.
· Server-side certification
This requires you to do the following:
...
¡ Select the certificate that you want to attach to the form
When you certify a form, you may be prompted to specify the name of the certificate. However, the application can also select the certificate automatically; this means that you do not need to access certificates as an end user.
¡ Define changes that do not invalidate the certification
When you certify a form, you can specify which changes can be made to the form by the recipient without invalidating the certification.
You can specify the following:
Permitted Changes in the Form
Changes |
Explanation |
None |
No more entries can be made in the form. The recipient cannot make any changes. This also means that he or she cannot sign the form. |
FormFields |
The recipient can make entries in the relevant form fields. This is the default setting for SAP NetWeaver. |
FormFieldsAndComments |
The recipient can make entries in the relevant form fields, and also add comments. |
When you insert comments, you can use the full range of options available in Adobe Acrobat or Adobe Reader. For more information about inserting comments, see the online help for Adobe Acrobat or Adobe Reader. To insert comments or enter information in a form in Adobe Reader, appropriate Reader usage rights must be specified for the form. Any interactive forms created with Web Dynpro for Java or ABAP have Reader usage rights automatically.
¡ If the form contains dynamic elements, such as JavaScript, we recommend that application developers create a legal attestation that informs form recipients about these elements when they open the document. The programming of the application must also ensure that these elements do not have any potentially negative or dangerous effects for form recipients. For more information, see the next section.
· Client-side certification
You can certify a form personally by using your own certificates. You use Adobe Acrobat to do this. A dialog box instructs you to select a certificate. You are informed if your form contains any dynamic elements, such as JavaScript. Ensure that these elements do not have any potentially negative or dangerous effects for form recipients. You have the option of including an attestation, such as “This form contains JavaScript. This does not have any negative effects on your application." For detailed information about the procedure, see the online help for Adobe Acrobat.
· Server-side check
As well as information about the validity of the certification, the application can also provide you with information about the certificate owner and other status information about the certification, if this is implemented.
· Client-side check by end user
You can display information about the certificate and its validity in Adobe Acrobat or Adobe Reader. For more information, see the online help for Adobe Acrobat or Adobe Reader.
Offline application:
An authority provides certified forms for downloading on the Internet or sends certified forms by e-mail.
A form can contain existing data, such as the name and address of the recipient. The certificate and other previously defined usage rights are attached to the form automatically. The recipient receives the form and sees that the form is certified, either in a form field or on the Acrobat or Reader interface. The recipient fills out the required form fields and signs the form. The recipient then sends the form back to the authority. The certification of the incoming form, and its signature, are checked before it is processed further in the system or by a person.