RenderReport with SignCertFilename

1 Answer 35 Views
Rendering Report Parameters
Top achievements
Rank 1
Michael asked on 20 Jan 2022, 12:40 PM

Hello Forum,

I can render a PDF with ReportProcessor.RenderReport() successfully.

Now I want to encrypt the PDF, there seems to be two ways to do this with the PDF Device Information Settings:

1. Set the user and owner password. This works, but it is not a solution for my use case, because it requires a clear password.

deviceInfo.Add("OwnerPassword", "myPassword");
deviceInfo.Add("UserPassword", "myPassword");

2. Use a certificate for encryption. This does not work, but would be my preferred solution.

deviceInfo.Add("SignCertFilename", "C:\\Temp\\my.cer");
deviceInfo.Add("SignCertPassword", "myPassword");

I cannot find an example which utilizes the device info SignCertFilename (google "Telerik SignCertFilename" returns one result, which links to above documentation).

Does the encryption with a certificate actually work?
Do you have an example code for me, maybe I must set a specific device information.
If you wish, I can deliver a minimal working example.

Thank you for reading!

1 Answer, 1 is accepted

Sort by
Telerik team
answered on 25 Jan 2022, 11:01 AM

Hi Michael,

Based on the provided snippets, I infer that you use the 'cer' certificate file. I tested with a local 'pfx' certificate file and was able to apply it in the exported PDF - see the linked muted video for reference. I couldn't export the report with the same certificate exported to a 'cer' file though.

You need to reference a 'pfx' file - see the Difference between .cer and .pfx certificates. The reason is that our code expects a password related to the certificate file that, as far as I know, cannot be embedded in the 'cer' file.

Progress Telerik

Brand new Telerik Reporting course in Virtual Classroom - the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products. Check it out at
Top achievements
Rank 1
commented on 28 Jan 2022, 08:05 AM

Hello Todor, 

Thank you for the clarification!

I am afraid that using a .pfx file is not feasible for my use case.
The .pfx file contains the private key and I don't want to store the private key in a file or my database.


Telerik team
commented on 01 Feb 2022, 03:50 PM

Hello Michael,

Indeed, the main difference between the two certificate files is the private key. In our code, we use the constructor X509Certificate2(String, String) to create the certificate. It is used with PKCS12 (PFX) files that contain the certificate's private key. I am not very familiar with document certificates, but to my best knowledge, the private key is needed for signing the document.

Feel free to log a feature request for providing a different way for passing the private key. For example, through another constructor of the X509Certificate Class.

Rendering Report Parameters
Asked by
Top achievements
Rank 1
Answers by
Telerik team
Share this question