« Using DDX and the Assembler service to invoke other LiveCycle ES services | Main | Understanding relationships between objects in the Object Library »

Certifying PDF packages

With LiveCycle ES, you can certify PDF packages to ensure that none of the documents contained within the package are changed without being detected. Additionally, you can encrypt or policy protect the package and the files it contains, and you can apply usage rights to the package.

When creating a certified PDF package you must apply LiveCycle ES services in a specific order.

The cover sheet in a certified PDF package can be an interactive form; however, the files contained in the package must not be interactive. The certification for a PDF package becomes compromised if any of the component files are modified, even if the component file’s certification allows form fill-in.

To create a certified PDF package, apply operations in the following order. These services must be invoked within a short-lived process.


  1. (Optional) For each document to be contained in the PDF package, encrypt or policy protect, and then certify. The files in the PDF package cannot be interactive forms, so you must not apply Usage Rights.

  2. Assemble the PDF package.

  3. (Optional) Encrypt or policy protect the PDF package.

  4. Certify the PDF package.

  5. Apply Usage Rights to the PDF package.


You can also create a process that consumes component files that are already encrypted, policy-protected, or certified. If any of the component files consumed by your process are encrypted or policy-protected, ensure your DDX file defines them in a way that avoids Assembler ES having to open them. You can accomplish this goal by defining the comonent files using the <PackageFiles> source element, not the <PackageFiles> filter element. For example, the following DDX produces a PDF package without requiring Assembler ES to open the component files:

<DDX xmlns="http://ns.adobe.com/DDX/1.0/">
<PDF result="outDoc" >
<PDF source="_AdobeCoverSheet" bookmarkTitle="Cover"/>
<PackageFiles source="doc1" required="false">
<File filename="MyFirstFile.pdf" mimetype="application/pdf"/>
</PackageFiles>
<PackageFiles source="doc2" required="false">
<File filename="MySecondFile.txt" mimetype="application/pdf"/>
</PackageFiles>
</PDF>
</DDX>

Any of the following changes would compromise a certified PDF package:

  • Component files are modified
  • Component files are filled in, even if the component file's certification allows form fill-in
  • Cover page is modified, unless the certificate allows form fill-in

Posted by Kathy Stony on December 4, 2008 06:32 PM |

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)