Understanding Applying Digital Signatures to PDF Report Output

BI Publisher for PeopleSoft report output in PDF format can be digitally signed to verify the authenticity of the report output that you send and receive, and to validate that the output has not been altered since the PDF was created and digitally signed.

Note: As of the PeopleTools 8.54 release you can apply digital signatures to BI Publisher for PeopleSoft PDF output only.

This feature digitally signs PDF report output using Personal Information Exchange (PFX) certificates.

This section describes the participants, permission lists, and roles in applying digital signatures to PDF report output.

Participants

This section describes the participants in applying digital signatures to PDF report output.

Field or Control

Definition
System or Security Administrator

Provides digital signature setup and maintenance
Report Developer

Person who develops the report.
Report Signer

Person whose digital signature is required for signing the report.
Report Operator

User or role that is running the report and that can apply the digital signature to the document.

Permission Lists

Permission list PTPT4900 allows access to the External Digital Certificates page (described later in this topic), to create details for the digital certificate and stipulate users and roles that can apply digital signatures to documents.

The following participants should have access to the permission list:

  • System or security administrator.

  • Report signer.

If the system administrator or security administrator wants to limit access to the External Digital Certificates page and does not want a signer to access the page, he/she or someone else with appropriate permission list access can access the page to define the signer of the document.

Roles

The XMLP_REPORT_DEVELOPER role allows access to properties on the Report Definitions – Property page to enable, place, and specify the digital signature to apply to a document.

The report signer, report operator, and anyone else who should be able to apply a digital signature to a report should be assigned this role.

To use this feature:

  • Use the External Digital Certificates page define the digital ID, load signed PFX certificates to the PeopleSoft database, define the signer of the certificate, and define the users and roles that can apply the digital signature to documents.

    Information about using the External Digital Certificates page and performing these tasks is provided later in this topic.

  • Create a PeopleCode application class to exchange reporting, signing, and digital certificate information between BI Publisher for PeopleSoft and the application that requires digitally signed PDF report output.

    The application class should also include logic to extract the PFX certificate from the database keystore and provide BI Publisher for PeopleSoft an encrypted password to open the certificate file and execute the signing of the report.

    Information about the interface to use for this application class is described later in this topic and also in the PeopleTools 8.55: PeopleCode API Reference documentation.

  • In BI Publisher for PeopleSoft use the Report Definition – Properties page to enable digital signatures for PDF output, define the position of the digital signature in the document, and specify the application class to exchange reporting, signing, and digital certificate with the application.

    Using the Report Definition – Properties page is described in the PeopleTools 8.55: BI Publisher for PeopleSoft documentation.

  • Run the report.

    Running BI Publisher for PeopleSoft reports is described in the PeopleTools 8.55: BI Publisher for PeopleSoft documentation.

This section describes PeopleTools used for applying digital signatures to PDF report output.

Field or Control

Definition
PeopleSoft Security

Use the External Digital Certificates page in the PeopleSoft Pure Internet Architecture to:

  • Define the digital ID.

  • Upload digital certificates (PFX files) for interacting with BI Publisher and PeopleSoft applications.

  • Define distinguished name (DN) properties for certificates.

  • Define users and roles that can apply digital signatures to PDF report output.
PeopleCode

Several application class interfaces, application classes, and methods are provided for storing and retrieving PFX files and passwords, mapping digital signatures to input properties, digitally signing reports, and so on.
BI Publisher for PeopleSoft

Use BI Publisher for PeopleSoft to:

  • Enable digital signatures for PDF report output.

  • Define the location of digital signatures in PDF output.

  • Generate digitally signed PDF reports.