Q: Can I read from the Windows Certificate store to get digital IDs to use as trusted Certificate Authorities (CAs)?

A: By default, our libraries jPDFSecure and jPDFProcess and components jPDFNotes and jPDFEditor use the Java trusted Certificate Authorities when verifying digital signatures in PDF documents.

It is possible to customize the trusted authorities through the SignatureSettings static methods.

To add the Windows trusted CAs, make the following static call:

SignatureSettings.setWindowsCertsEnabled(true);

To remove the Java trusted Certificates, make the following static call:

SignatureSettings.setCaCertsEnabled(false);

In version 2013R1 and earlier, use the code below:

// Create keystore for Windows trusted root certification authorities
KeyStore keystore = KeyStore.getInstance("Windows-ROOT");
keystore.load(null, null);// Add keystore to trusted certificate list
SignatureSettings.addKeyStore(keystore);

Download Java Sample Code to Add Windows Certificates