I have a case where LOK convert-to with ODT->PDF and
SignCertificateCaPem/SignCertificateCertPem/SignCertificateKeyPem set
creates a corrupted PDF signature, while more or less the same on the
desktop works.
The PDF signature is a hex dump, and once converted to binary, one can
analyze the content using 'openssl asn1parse -inform der -in ... -i'.
Still, the LOK and the desktop case differs, because this script
generates random certificates and then the binary output in the two
cases differs, so hard to see the actual difference.
Fix the problem by still generating .p12 output (needed for the desktop
case) in the no-password case, so a single run can emit ca/cert/key PEM
files and a .p12 archive, so exactly the same input can be used for
desktop and LOK signing.
It turns out the actual problem I looked at was some setup problem,
because now that the same input can be used in the two cases, the LOK
signing during PDF export works fine.
Change-Id: Ifc5ff73cd6fbbc057af536c84e4367ce1d489931
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176081
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
27753561a1