Advanced Settings
This page is used to configure the following advanced settings:
For PDF/PAdES profiles the following settings are shown:
For XML/XAdES profiles, the following settings are shown:
For CMS/CAdES profiles, the following settings are shown:
The configuration items are as follows:
| Item |
Description |
| Signature Dictionary Size |
Specify the signature dictionary size to be reserved in the PDF file. This increases the size of the PDF document independent of the visible signature appearance.
For basic and timestamped signatures if the space allocated is 20KB then PDF document size is increased by 20KB. For PAdES Part 2 LTV signatures the size of the PDF document increases by the allocated space and the size of the revocation information of the signer's complete certificate chain. If the space allocated is 20KB and the size of the revocation information of the signer's certificate chain is 40KB then the PDF document size increases by 60KB after signing. PAdES Part 4 LTV signatures also add a Document Timestamp to the PDF.
Signatures are placed in the signature dictionary, revocation data is placed in the DSS dictionary. The Administrator need to specify the signature size only while the revocation size will be computed independently of the signature dictionary.
For PDF/PAdES Hash profiles, the business application should manage the signature dictionary size while generating the respective signature type. If business application is using ADSS Client SDK then PdfSigningRequest class provides a method "setSignatureDictionarySize" to set the signature dictionary size. |
| Allow Document Conversion |
Check this option if you want to convert your input (Non-PDF) document to PDF before signing. For converting to PDF/A compliant document following configurations are also available
Note: Following formats are currently not supported for conversion:
You must enable the font embedding option on Signature Settings tab.
|
| Use System XML Implementation |
Check this option if you want your application to use the local system XML implementation. If unchecked then Apache's XML implementation will be used.
Note: This option is only available in case of XML profile.
|
| Service Address |
This defines the publically accessible address for the Go>Sign Service. Go>Sign Clients communicate with the Go>Sign Service using this address. The address provided here overrides the default Go>Sign Service address configured in the Go>Sign Service Manager settings.
Note: For complex integrations such as Ascertia's SigningHub, the Go>Sign Service may only be accessible via reverse proxy configurations, e.g. using the Apache Tomcat AJP Connector. This allows Go>Sign Clients to communicate with Go>Sign Service via the business application hosted address.
Click here for Instructions on how to configure the Apache Tomcat AJP connector for different web servers.
|
| Check signer certificate revocation before signing |
Check this option if you wish to check the revocation status of the signer's certificate before signing.
Note: This option will only be shown if Basic/BES signature type is selected on the Signature Settings page. Long-term signatures are automatically validated by the Verification Service during enhancement to timestamped or long-term signatures.
|
| Compute hash during signing operation |
While creating a PKCS#1 signature some local systems insist on computing the hash as part of signature process regardless of whether the hash of the data was provided rather than the data. This option allows these process steps to operate:
|
Clicking the Finish button will create the Go>Sign signing profile.
See also