alias attribute

Inherited:no
Used By:input
See:handler keypassword keystoretype location password reason signer

This attribute determines which private key from the keystore should be used to digitally sign the document. It is only used with the input type="signature" element, and is mandatory. It should be set to the "alias" or "short name" that the key is stored under in the keystore.

This shows how to digitally sign a document

<input type="signature"
       handler="acrobat6"               // handler used to verify this signature
       keystore="file:/privatekey.jks"  // URL of the keystore
       keystoretype="JKS-SUN"           // type of keystore
       password="storepassword"         // password to unlock the keystore
       alias="secretkey"                // key from the keystore to use
       keypassword="secretkeypassword"  // password to unlock the key, if required
       certify="nochanges"              // allow no changes after signing
       signer="John Smith"              // name to place on the signature
       reason="I am the author"         // reason you're signing the document
/>

Same as the above example but showing the additional keys that might be used to create a signature with "long-term validation".

<input type="signature"
       handler="acrobat6"               // handler used to verify this signature
       keystore="file:/privatekey.jks"  // URL of the keystore
       keystoretype="JKS-SUN"           // type of keystore
       password="storepassword"         // password to unlock the keystore
       alias="secretkey"                // key from the keystore to use
       keypassword="secretkeypassword"  // password to unlock the key, if required
       signer="John Smith"              // name to place on the signature
       reason="I am the author"         // reason you're signing the document
       timestampurl="http://timestamp.entrust.net/TSS/RFC3161sha1TS" // URL of the RFC3161 Timestamp service
       pades="true"                     // Mark the signature as PAdES compatible
       ocsp="true"                      // Perform OCSP and CRL verification at time of signing
       algorithm="SHA256"               // Set the digest algorithm to SHA-256 (optional).
/>