Description: Currently, there is no clear way to provide a self-signed p12 file, with x509 certificate in libreoffice. The use case here is to be able to perform round-trip confirmation of documents. I wish to emit documents, and then in the case that the need arises (query over whether the document is genuine), I can manually verify a document that has been returned to me. Network based man-in-the middle is not a concern, as this will be performed using USB keys to transfer files, and only to provide negative verification (document is not valid), rather than positive. It should be possible for me to install, on whichever machines are needed, without the use of third-party software, a certificate in libreoffice that can be used to sign outgoing ODT/PDF documents. Currently my (non-working) workflow is to: * Create a pem file pair. https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl * Rebind these back into a p12 file (to work around a bug in firefox/thunderbird) https://security.stackexchange.com/questions/163199/firefox-certificate-can-t-be-installed * Install this as a personal certificate * ?? * Have the certificate appear in libreoffice's certificate selection. The current method of needing to use third party software to manage which certificates are available is understandable from a central-certificate point of view, but not so from a user perspective. If there is some way to allow the user to either manually provide a pem/p12 file from the filesystem, OR to have an import system within libreoffice to manage certificates only for libreoffice, that would be great. PDF might be a bit tricky, as if the store is specific to libreoffice, then PDF viewers will not respect this. Steps to Reproduce: 1. Attempt to digitally sign a document 2. See that you dont have any certificates available 3. Run internet searches to find a way to make it available 4. Give up after an hour or so. Actual Results: Document cannot be signed, as no certificates are available Expected Results: 1. Attempt to digitally sign a document 2. Be prompted for your signature file, or allowed to import it 3. Sign document Reproducible: Always User Profile Reset: No Additional Info: I've managed to import gpg files, but this cannot be used to sign a PDF. Selecting "sign" using a GPG RSA key pair allows you to select the GPG key for signing, but simply dumps you back to the PDF dialog with no actual signing or certificate details being provided (It seems to error out with no user feedback). User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0 Iceweasel/44.0
@Thorsten, do you have any opinion wrt to this ticket ?
That should be doable on linux now out of the box, with gpg4libre / GPG keys. With Debian/Ubuntu, you'll very likely have everything you need for that installed already on a stock system. As you state, that does not currently work for PDF. It is possibly (though not implemented), to store X509 keys also in the gpg keystore. Would that address your use case? Beyond that, duplicating elsewhere-available crypto UI inside LibreOffice does neither appear useful, nor sustainable to me.
Dear Bug Submitter, This bug has been in NEEDINFO status with no change for at least 6 months. Please provide the requested information as soon as possible and mark the bug as UNCONFIRMED. Due to regular bug tracker maintenance, if the bug is still in NEEDINFO status with no change in 30 days the QA team will close the bug as INSUFFICIENTDATA due to lack of needed information. For more information about our NEEDINFO policy please read the wiki located here: https://wiki.documentfoundation.org/QA/Bugzilla/Fields/Status/NEEDINFO If you have already provided the requested information, please mark the bug as UNCONFIRMED so that the QA team knows that the bug is ready to be confirmed. Thank you for helping us make LibreOffice even better for everyone! Warm Regards, QA Team MassPing-NeedInfo-Ping-20181203
Dear Bug Submitter, Please read this message in its entirety before proceeding. Your bug report is being closed as INSUFFICIENTDATA due to inactivity and a lack of information which is needed in order to accurately reproduce and confirm the problem. We encourage you to retest your bug against the latest release. If the issue is still present in the latest stable release, we need the following information (please ignore any that you've already provided): a) Provide details of your system including your operating system and the latest version of LibreOffice that you have confirmed the bug to be present b) Provide easy to reproduce steps – the simpler the better c) Provide any test case(s) which will help us confirm the problem d) Provide screenshots of the problem if you think it might help e) Read all comments and provide any requested information Once all of this is done, please set the bug back to UNCONFIRMED and we will attempt to reproduce the issue. Please do not: a) respond via email b) update the version field in the bug or any of the other details on the top section of our bug tracker Warm Regards, QA Team MassPing-NeedInfo-20190111