Skip to content

Instantly share code, notes, and snippets.

@teashawn

teashawn/build_signTextJS.md

Forked from angelyordanov/build_signTextJS.md
Last active September 2, 2021 06:03
Show Gist options
  • Save teashawn/5f5adef38d29e5afbb0f4bb46b0fd175 to your computer and use it in GitHub Desktop.
Save teashawn/5f5adef38d29e5afbb0f4bb46b0fd175 to your computer and use it in GitHub Desktop.
Download ZIP
BTrust MacOS setup
Raw
build_signTextJS.md

Building signTextJS

  1. Clone https://github.com/angelyordanov/signTextJS
  2. Run travis/osx..install script or open it and run the steps manually
  3. Run travis/osx..script
  4. If all goes well you'll have a signtextjs_plus-0.0.0-macos.dmg in the repo root
Raw
setup_btrust.md

BTrust MacOS setup

  1. Install Java 8 (BISS dependency)
# https://stackoverflow.com/a/28635465
brew tap adoptopenjdk/openjdk
brew install --cask adoptopenjdk8

  1. Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email and install just the Gemalto drivers (the one behind the MacOS link).

  2. Install firefox 68 ESR

  3. Add the following root certificates to the firefox chain.

    • B-Trust Root Qualified CA

    • B-Trust Operational Qualified CA

    • B-Trust Root Advanced CA

    • B-Trust Operational Advanced CA

    • The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error

    Option 1: Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.

    Option 2:
    1. Set firefox to use the keychain root certs by setting security.enterprise_roots.enabled to true in about:config
    2. Open B-Trust certification chains page and download the certificates by clicking on the DER link
    3. Add them to the keychain by double clicking on each
    4. Open Keychain Access, find the certificates and move them to System
    5. Open each certificate in Keychain Access and set Always Trust on all fields

  4. Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox

  5. Install signtextjs' native backend

    1. Make sure you have a folder /Library/Application Support/Mozilla/NativeMessagingHosts/ (check the correct name in here)
    2. Open the signtextjs_plus-0.0.0-macos.dmg created with the build_signTextJS.md (or one downloaded from https://github.com/jasp00/signTextJS/releases)
    3. Move the two files signtextjs_plus.app and signtextjs_plus.json in the NativeMessagingHosts folder that should be symlinked in the DMG

  6. Load the Gemalto PKSC#11 Module in Firefox

    1. In Preferences open Security Devices (at the bottom of the page)
    2. Press Load and enter Gemalto PKSC#11 Module as the module name and /Library/Gemalto/libidprimepkcs11.dylib as the module filename
    3. Close the device manager and verify your smart card by opening View Certificates... and selecting the tab Your Certificates

  7. Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox

  8. Thank me later :)

Raw
setup_btrust_win.md

  1. Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email, download the installer and unarchive it wit 7zip, install just the Gemalto drivers.

  2. Install firefox 78 ESR and disable automatic updates by placing the following policies.json in folder distribution next to where the firefox EXE is.

    C:\Program Files\Mozilla Firefox\distribution\policies.json

{
  "policies": {
    "AppAutoUpdate": false
  }
}

  3. Add the following root certificates to the firefox chain.

    • B-Trust Root Qualified CA

    • B-Trust Operational Qualified CA

    • B-Trust Root Advanced CA

    • B-Trust Operational Advanced CA

    • The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error

    Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.

  4. Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox

  5. Install signtextjs' native backend vy downloading the latest release from the github page https://github.com/jasp00/signTextJS

  6. Load the Gemalto PKSC#11 Module in Firefox

    1. In Preferences open Security Devices (at the bottom of the page)
    2. Press Load and enter Gemalto PKSC#11 Module as the module name and /Library/Gemalto/libidprimepkcs11.dylib as the module filename
    3. Close the device manager and verify your smart card by opening View Certificates... and selecting the tab Your Certificates

  7. Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment