pdf signer user manual

7/23/2019 PDF Signer User Manual

1/23

PDF Signer User Manual

Introduction

The main function of PDF Signer is to sign PDF documents using X.509 digital certificates.Using this product you can quicly sign multiple PDF files !"ul sign# "y selecting input andoutput directory. This is ideal for "ul signing of a large num"er of corporate documents ratherthan signing each one indi$idually.

The positioning of the signature appearance is configura"le% plus on &hich pages of thedocument it should appear !first page% last page or all pages#.

Links

PDF Signer main page' http'((&&&.signfiles.com(pdf)signer(Do&nload PDF Signer !Free *5)Day Trial#' http'((&&&.signfiles.com(apps(PDFSigner.msi

Warning and Disclaimer

+$ery effort has "een made to mae this manual as complete and accurate as possi"le% "utno &arranty or fitness is implied. The information pro$ided is on an ,as is- "asis. The authorshall ha$e neither lia"ility nor responsi"ility to any person or entity &ith respect to any loss ordamages arising from the information contained in this manual.

Trademarks

.+T% /isual Studio .+T are trademars of icrosoft 1nc.2do"e% 2do"e 3eader are trademars of 2do"e Systems 1nc.2ll other trademars are the property of their respecti$e o&ners.

Page * ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(
http://www.signfiles.com/pdf-signer/http://www.signfiles.com/apps/PDFSigner.msihttp://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/http://www.signfiles.com/apps/PDFSigner.msihttp://www.signfiles.com/pdf-signer/


2/23

Digital Certificates.....................................................................................................................3Digital ertificate 6ocation................................................................................................................................. 7Select the Digital ertificate for reating PDF Signatures.................................................................................8reate a Digital ertificate................................................................................................................................. 5/alidating Digital Signatures in 2do"e...............................................................................................................

Digital Signature Otions.........................................................................................................!Digital Signature 3ectangle............................................................................................................................... :

Set the Digital Signature ;raphic.......................................................................................................................4Signing 3eason and 6ocation............................................................................................................................ 9Using S


3/23

Digital Certificates

Digital Certificate Location

To digitally sign a PDF file a digital certificate is needed. The digital certificates are stored int&o places'

in icrosoft Store

in PFX on P*= files

The certificates stored on Microsoft Storeare a$aila"le "y opening Internet Explorer> Toolsmenu > Internet Options> Contentta" > Certificates"utton !see "elo.

For PDF digital signatures% the certificates stored on Personalta" are used. These certificatesha$e a pu"lic and a pri$ate ey.

The digital signature is created "y using the pri$ate ey of the certificate. The pri$ate ey can"e stored on the file system !imported PFX files#% on an cryptographic smart card !lie 2laddin

eToen or Safeet i?ey# or on a


4/23

Select te Digital Certificate for Creating PDF Signatures

To digitally sign a PDF% a digital certificate must "e selected from Digital ertificates section.The digital certificate used to create the digital signature can "e stored on icrosoft Store or aPFX file.

Page 8 ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

Select the digital certificate
http://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/


5/23

Create a Digital Certificate

1f no certificates are a$aila"le on the computer% a ne& certificate can "e created from Createa Digital Certificate section.

This certificate can "e set as the default digital certificate used for PDF signatures.

Page 5 ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

Create a digital certificate
http://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/


6/23

'alidating Digital Signatures in /do6e

+$ery digital certificate is issued "y a 3oot 2 !ertification 2uthority#. Some of the 3oot 2Csare included "y default in indo&s ertificate Store !Trusted 3oot ertification 2uthorities#and only a fe& are included in 2do"e ertificate Store. icrosoft and 2do"e use differentertificate Stores different certificate $alidation procedures.

1f the signing certificate !or the 3oot 2 that issued the signing certificate# is not included in2do"e Store% the digital signature is considered Enot trustedE &hen a user open a document&ith 2do"e 3eader !see eBample#.

Tis 6ea0ior as noting to do 2it te signing engine 6ut 2it te /do6ecertification 0alidation rocedure.

To trust a signature the user must add the signing certificate on the 2do"e ertificate Store"ecause only a fe& 3oot 2Cs are considered trusted "y default "y 2do"e certificate$alidation engine !See this article' http'((&&&.ado"e.com(security(partnerscds.html #

To $alidate the signing certificate in 2do"e use the methods descri"ed on this document'http'((&&&.signfiles.com(manuals(/alidatingDigitalSignatures1n2do"e.pdf

Page ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

Validity Unknown signature

Valid signature
http://www.adobe.com/security/partners_cds.htmlhttp://www.signfiles.com/manuals/ValidatingDigitalSignaturesInAdobe.pdfhttp://www.signfiles.com/pdf-signer/http://www.adobe.com/security/partners_cds.htmlhttp://www.signfiles.com/manuals/ValidatingDigitalSignaturesInAdobe.pdfhttp://www.signfiles.com/pdf-signer/


7/23

Digital Signature Otions

Digital Signature +ectangle

1f the chec"oB Visible signature boxis checed% a signature rectangle &ill "e inserted on thePDF document. The appearance of the digital signature can "e customiAed from the

Signature Appearancesection.

The default teBt direction is left to right. To change the teBt direction to right to left !e.g. for


8/23

The default digital signature teBt contains information eBtracted from the signing certificate%signing date% signing reason and signing location "ut the digital signature teBt can "e easilycustomiAed.

Set te Digital Signature


9/23

These types of signatures are sho&n "elo&'

Signing +eason and Location

The signing reason and location attri"utes can "e set from the main interface.

Using S=/1>&8 S=/>"1 =as /lgoritms

The default !and recommended# hash algorithm used "y the li"rary is S=/" "ut in somecases% S


10/23

Certif% a PDF Digital Signature

hen you certify a PDF% you indicate that you appro$e of its contents. Hou also specify thetypes of changes that are permitted for the document to remain certified.

Hou can apply a certifying signature only if the PDF doesnIt already contain any other

signatures. ertifying signatures can "e $isi"le or in$isi"le. 2 "lue ri""on icon in theSignatures panel indicates a $alid certifying signature.

To certify a digital signature% select the certification type from the main interface.

Page *0 ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

Certified signature
http://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/


11/23

Include te C+L +e0ocation Information on te PDF Signature

1f the re$ocation information &ill not "e a$aila"le online% the digital signature cannot "e$erified "y the 2do"e 3eader engine so it is recommeded to include the 36 on the signature"loc.

This setting is a$aila"le on the Digital ertificates &indo&.

ote that some re$ocation information files !36# are $ery large so resulting signed file &illproportionally larger.

PDF Signer &ill try to include 36 for e$ery digital certificate from the chain.

Page ** ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(


12/23

Page *= ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

( *'+ digital signature without revocation infor!ation

( *'+ digital signature that e!beds the revocation infor!ation


13/23

PDF?/ Standard

PDF(2 is a file format for the long)term archi$ing of electronic documents. 1t is "ased on thePDF 3eference /ersion *.8 from 2do"e Systems 1nc. !implemented in 2do"e 2cro"at 5 andlatest $ersions# and is defined "y 1SG *9005)*'=005.

PDF Signer can digitally sign PDF(2 files.

O6ser0ation;1n order to sa$e a PDF(2 file% all fonts used on the PDF document must "eem"edded !including the font used on the digital signature rectangle#. The digital signaturefont can "e set on the Signature 2ppearance section.


*'+,(-1b docu!ent with digital signature


14/23

Time Staming

Time Stam te PDF Digital Signature

Timestamping is an important mechanism for the long)term preser$ation of digital signatures%time sealing of data o"@ects to pro$e &hen they &ere recei$ed% protecting copyright and

intellectual property and for the pro$ision of notariAation ser$ices.

To add time stamping information to the PDF digital signature you &ill need access to a 3F7**time stamping ser$er.

2 fully functional $ersion of our TS2 2uthority is a$aila"le for testing purposes at this lin'http'((ca.signfiles.com(TS2Ser$er.aspB!no credentials are needed#.

The Time Stamping options can "e configured on the Ti!e Sta!pingsection.

4once and Polic%

The 4once% if included% allo&s the client to $erify the timeliness of the response &hen no localcloc is a$aila"le. The nonce is a large random num"er &ith a high pro"a"ility that the clientgenerates it only once !e.g.% a 8 "it integer#.

Some TS2 ser$ers require to set a Time Stam Ser0er Polic%on the Time Stamp 3equests.Jy default% no Time Stamp Ser$er Policy is included on the TS2 request.

http://www.ietf.org/rfc/rfc3161.txthttp://www.ietf.org/rfc/rfc3161.txthttp://ca.signfiles.com/TSAServer.aspxhttp://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/http://www.ietf.org/rfc/rfc3161.txthttp://www.ietf.org/rfc/rfc3161.txthttp://ca.signfiles.com/TSAServer.aspxhttp://www.signfiles.com/pdf-signer/


15/23

'alidating te Time Stam +esonse on /do6e

2s digital signatures certificates% the time stamping responses are signed "y a certificateissued "y a ertification 2uthority.

1f the time stamping certificate !or the 3oot 2 that issued the time stamping certificate# is not

included in 2do"e Store% the time stamping response could not "e $erified &hen a user opena document &ith 2do"e 3eader !see eBample#.

Tis 6ea0ior as noting to do 2it te signing engine 6ut 2it te /do6ecertification 0alidation rocedure.

To $alidate the signing certificate in 2do"e use the methods descri"ed on this document'http'((&&&.signfiles.com(manuals(/alidatingDigitalSignatures1n2do"e.pdf.


ot verified ti!esta!p

/rusted ti!e sta!ping response
http://www.signfiles.com/manuals/ValidatingDigitalSignaturesInAdobe.pdfhttp://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/http://www.signfiles.com/manuals/ValidatingDigitalSignaturesInAdobe.pdfhttp://www.signfiles.com/pdf-signer/


16/23

$ncr%tion

1f you &ant to protect the signed document "y pre$enting actions lie printing or contentcopying you must encrypt it. The document can "e encrypted using pass&ords fromEncr"ptionsection.

1f the PDF document is signed and encrypted &ith an #ser Pass$or%&&hen the document isopened in PDF reader% the PDF document pass&ord must "e entered.

Page * ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

0ncryption settings

*assword is reuired to open the docu!ent


17/23

G&ner Pass&ord is used to set the pass&ord that protects the PDF document for printing orcontent copying.

hen the signed and encrypted document is opened in a PDF reader% the security settingsare sho&n lie "elo&.

Page *: ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(

Security settings for a digitally sign and encrypted docu!ent


18/23

LT' Signatures (Long Term 'alidation)

P2d+S recogniAes that digitally)signed documents may "e used or archi$ed for many years >e$en many decades. 2t any time in the future% in spite of technological and other ad$ances% itmust "e possi"le to $alidate the document to confirm that the signature &as $alid at the time it

&as signed > a concept no&n as 6ong)Term /alidation !6T/#.

1n order to ha$e a 6T/ signature% "e sure that on the Digital ertificates settings% the

chec"oB Inclu%e certificate re'ocation infor!ation ( Long Ter! signature )LTV* is checed.



19/23

Product +egistration

To register the product you &ill need a serial num"er. 1t can "e purchased online directly formthe product mail page.

2fter you &ill o"tain your serial num"er% open PDF Signer and clic 3egister o& "utton.

+nter the recei$ed serial on the 3egistration &indo&% as "elo&'

lic 3egister "utton.



20/23

1f the serial num"er is correct% the product &ill "e sucesfully registered.

Page =0 ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(


21/23

-atc Signatures (/utomaticall% Made Witout User Inter0ention)

Jy default% PDF Signer is installed on this location'C+,Progra! Files,Secure Soft,PDF Signer,PDF Signer-exe.

The command line parameters are'PDF Signer-exe .source file / fol%er0 .%estination file / fol%er0 1.23L configuration file04

To automatically sign a PDF file% use the follo&ing command'c+,Progra! Files,Secure Soft,PDF Signer05PDF Signer-exe5 c+,InputFile-p%f c+,Signe%File-p%f

To automatically sign a folderthat contains PDF files% use the follo&ing command'c+,Progra! Files,Secure Soft,PDF Signer05PDF Signer-exe5 c+,InputFol%er c+,OutputFol%er

Custom Configuration

1n some cases% you &ill need a different signature configuration !e.g. different signature

appearance and digital certificates# for different PDF files(folders.

To sa$e a specific configuration% go to File ( Sa'e Configuration As and sa$e theconfiguration on a file. 6ater% you can use that file in "atch mode to apply different signatureconfiguration on your signed PDF file.

To automatically sign a folderthat contains PDF files% using a custom configuration% use the

follo&ing command'

5PDF Signer-exe5 c+,InputFol%er c+,OutputFol%er c23config-client#.x!l

Page =* ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(


22/23

Digitall% Sign PDF Files Using Windo2s Po2erSell

PDF Signer main functions are a$aila"le on Sign6i" li"rary a$aila"le at this lin'http'((&&&.signfiles.com(sd(Signature6i"rary.Aip !open the pro@ect C6 Digitall" Sign a PDFFilelocated on Signature Librar",VS7889 Pro:ects,C6 Digitall" Sign a PDF File folder#

To digitally sign PDF file using indo&s Po&erShell% simply do&nload the li"rary a"o$e andinspect Signature Librar",Po$erShell Scriptsfolder.

The indo&s Po&erShell script &ill loo "elo&'

#digitally sign a PDF file using a PFX certificate creted on the fly

#the script can be configured to use an existing PFX file or a certificate loaded from

Microsoft Store (smart card certificate)

if ($args!ength "e )

%

echo &'sage signpdfps *unsigned file+ *signed file+&

,

else%

$DllPath - .d/Sign!ibdll.

0System1eflection2ssembly3!oadFrom($DllPath)

#create a PFX digital certificate

$generator - ne4"ob5ect "type6ame Sign!ib7ertificatesX897ertificate:enerator(&serial

number&)

$pFXFilePass4ord - &tempP;ss4ord&

$generatorSub5ect - &76--useremail;emailcom= ?-?rgan@ation&

$generator>xtensions2ddAey'sage(0Sign!ib7ertificates7ertificateAey'sage3DigitalSignatu

re)

$generator>xtensions2dd>nhancedAey'sage(0Sign!ib7ertificates7ertificate>nhancedAey'sage3

DocumentSigning)$certificate - $generator:enerate7ertificate($pFXFilePass4ord)

#digitally sign the pdf file

$sign - ne4"ob5ect "type6ame Sign!ibPdfPdfSignature(&serial number&)

$sign!oadPdfDocument(0SystemB?File31ead2llCytes($args03))

$signDigitalSignature7ertificate -

0Sign!ib7ertificatesDigital7ertificate3!oad7ertificate($certificate= $pFXFilePass4ord)

$signSigning1eason - &B approe this document&

$signSigning!ocation - &>urope branch&

$signSignaturePage -

$signSignaturePosition - 0Sign!ibPdfSignaturePosition3Eop1ight

echo &Perform the digital signature&0SystemB?File3rite2llCytes($args03= $sign2pplyDigitalSignature())

,


23/23

'igitally Sign *'+ +iles Using C4 or VB.0/

PDF Signer main functions are a$aila"le on PDFSignDll li"rary a$aila"le at this lin'http'((&&&.signfiles.com(sd(Signature6i"rary.Aip

To digitally sign PDF file using K or /J.+T% do&nload the li"rary a"o$e and inspect PDFDigital Signature SD=,PDFSignDll,PDFSignDll Test Pro:ects folder.

The K &ill loo lie "elo&'

PdfSignatureps - ne4PdfSignature(&your serial number&)G

HHload the PDF document

ps!oadPdfDocument(unsignedDocument)G

psSignaturePosition - SignaturePositionEop1ightG

psSigning1eason - &B approe this document&G

psSigning!ocation - &2ccounting department&G

psSignaturePosition - SignaturePositionEop!eftG

HHDigital signature certificate can be loaded from arious sources

HH!oad the signature certificate from a PFX or PI file

psDigitalSignature7ertificate -

Digital7ertificate!oad7ertificate(>nironment7urrentDirectory J &//certpfx&=

&IKL8&)G

HH!oad the certificate from Microsoft Store

HHEhe smart card or 'SC toNen certificates are usually aailable on Microsoft

7ertificate Store (start " run " certmgrmsc)

HHBf the smart card certificate not appears on Microsoft 7ertificate Store itcannot be used by the library

HHpsDigitalSignature7ertificate - Digital7ertificate!oad7ertificate(false=

string>mpty= &Select 7ertificate&= &Select the certificate for digital

signature&)G

HH4rite the signed file

Filerite2llCytes(signedDocument= ps2pplyDigitalSignature())G

Page =7 ) PDFSigner User anual !$ersion 4.5# ) http'((&&&.signfiles.com(pdf)signer(
http://www.signfiles.com/sdk/SignatureLibrary.ziphttp://www.signfiles.com/pdf-signer/http://www.signfiles.com/pdf-signer/http://www.signfiles.com/sdk/SignatureLibrary.ziphttp://www.signfiles.com/pdf-signer/

pdf signer user manual

Documents