PDF/PAdES Signing Attributes
This page is used to configure the PDF/PAdES signature settings that will be used by Go>Sign applet.
The configuration items are as follows:
Items |
Description |
||
PDF Signature Settings |
A mandatory field that selects the type of signature to be produced by this Go>Sign profile. The following types of signatures are supported:
PadES Signature based on ETSI Standards:
Select the signature format to be produced. For more details see the section Supported Signature Types. Note: The ISO 32000-1 based PDF signatures are verifiable in Adobe Reader 7+ and PAdES signatures based on ETSI Standard are verifiable in Adobe Reader 10+. |
||
Create visible signature |
Check this checkbox if you want to create Visible PDF Signatures. If unchecked then Invisible PDF Signatures will be created. The possible values are:
If the document already has a blank signature field, then the name of the signature field can be specified using this option. When ADSS Server signs a PDF document using this signing profile it will then search for this signing field and embed the signature details within that field. This is also a good way of positioning the signature in an exact location rather than just the default locations mentioned above. Note: Signature field names are case-sensitive so ensure you enter a valid field name as used in your documents, e.g. field1 and Field1 are not the same. Signature Appearance Select one of the PDF Signature Appearances already generated as mentioned in the section PDF Visible Signatures. Target Signature Field Name Specify the name of a blank signature field (already existing in the document). If the filed name is specified in the request then that field will be signed but if field name is missing in the document signing request then a field name mentioned in this text box will be signed. If a field name not specified in the request nor found the one specified in this text box then an error will be returned. Use this prefix to generate the incremental field names If this option is turned on in the Go>Sign Profile then service uses an algorithm to automatically identify a field name to be signed i.e. Go>Sign service automatically checks field name e.g. " Signature1", if it is a blank field then enforces user to sign it and if already signed then enforce user to sign another field which is "Signature2" and so on. Note: This feature only works when SharePoint server is integrated with the Go>Sign Service.
Create empty field signatures using the PDF. Sig Locations. These configurations will then be used while signing the document, ADSS Server Go>Sign Service will create the empty signature fields with field names and the signature appearance allocated to those empty signature fields. Set the PDF Signature Locations settings to create the empty signature fields with names as mentioned and located in the PDF editor. Set the Default Appearance Name which will embed the appearance and signer's details on the signature field when signed. |
||
Embed font to be used for PDF signature appearance text objects |
Optionally select the fonts used in the signature appearance to be embedded in the signed PDF document. Using this option, PDF/A compliant documents will retain PDF/A compliancy after signing. Note the following rules:
|
||
User signature tablet device |
Enable this checkbox if you want to place the hand signature image for visible PDF signatures using signature tablet device. Note: Only Wacom and Signotec tablet devices are supported yet. |
||
Use a font-based hand signature image |
Go>Sign Service uses these configuration to create hand signature image for the signer in case of visible signature. This option will be available only when document viewer is marked disabled. |
||
Signature Produced At |
This defines where the signature will be produced. Possible values are:
|
||
Signature/Document Relationship |
This defines how the signature and document exist i.e. one inside the other or do they exist separately. Following options are supported for PDF signatures:
Note: In case of remote signing the "Signature/Document Relationship" selected in the Go>Sign Service and the Signing Service should be same i.e. if the option selected in the Go>Sign profile is "Enveloping" then the same should be configured in the Signing profile as well. The same goes for the "Detached" signatures. |
||
Hashing Algorithm |
The selected hashing algorithm is used as part of the signature generation process. Following hashing algorithms are supported:
Note: In case of remote signing the "Hashing Algorithm" selected in the Go>Sign Service and the Signing Service should be same i.e. if the option selected in the Go>Sign profile is "SHA256" then the same should be configured in the Signing profile as well. |
||
Default signing reason |
This defines the default signing reason that should be shown on the signature dialogue during the signing operation. |
||
Default signing location |
This defines the default signing location that should be shown on the signature dialogue during the signing operation. |
||
Default signer's contact information |
This defines the default signer's contact information that should be shown on the signature dialogue during the signing operation. |
||
EPES Signatures |
Explicit Policy Based Electronic (EPES) signature settings are only available for the PAdES Signature types. By enabling the check box Add Signature Policy Identifier, the Go>Sign profile can be used to produce (EPES) signatures where a signature policy OID, URI and user notice are added in the digital signature as specified below. 1. Signature Policy Object ID Provide the Signature Policy OID to be added for EPES signatures 2. Signature Policy URI Provide the Signature Policy URI to be added for EPES signatures. If there is no Policy URI defined inside the Go>Sign profile then EPES configurations should be made in policy.properties file located at: [ADSS Installation Directory]/service/ Open this file in any text editor and enter policy OID and path to the policy document e.g. 1.2.3.4.5 = "F:/Policy_File"
3. Signature Policy User Notice Provide the user notice to be added to the EPES signatures. |
||
Apply certify (author) signature |
Allows you to certify+sign the document and select one of the following document protection options:
This means that no further changes can be made to the document or its fields.
This option allows any existing forms fields to be filled and any existing signature fields to be signed.
This option allows annotations to be made on the document and any existing forms fields to be filled and any existing signature fields to be signed. Note: If the document to be signed already has a certify signature on it then this would normally lead to an error. This option is intelligent and ignores the request for a "certify" type of signature a standard signature is applied instead. This means that one profile can be used to sign a document multiple times - the first will be certify signed and the other signatures will be standard signatures. |
See also
PDF/PAdES Hash Signing Attributes
CMS/CAdES Signing Attributes
XML/XAdES Signing Attributes
MS Office Signing Attributes