Signing settings

The administrator can use the Signing settings to set preferences and configurations for this account that are specific to the actual signing of documents.

Biometric encryption key

This encryption key is used to encrypt biometric signature data whenever it is captured during the signing process. Generally, such data is only captured when using specific hardware signature tablets during the signature capture process. Ideally, you should upload the public key for your company here, and take all precautions to securely protect the private key. This approach ensures that you can encrypt signature data such that only the person with access to the private key will be able to decrypt it at a later time (if necessary).

To upload the public key, click Browse and select the public key file from your local computer.

If no biometric key is set here, a default biometric key is used, and a warning will appear at the top of each SignDoc Standard page, instructing the administrator to update the biometric key.

Signing certificate

This digital signing certificate is used for each SignDoc Standard signature placed in a document. Click Install certificate to browse the file system on the local computer to select and upload the digital certificate. Once uploaded, the selected certificate is used for all signing processes.

SignDoc requires a PKCS#12 certificate store file that contains exactly one certificate for signing and verifying a signature. Key usage extension digital signature and/or non-repudiation have to be enabled.

The possibility to select your own signing certificate allows an administrator to ensure that a certificate’s credentials match the account holder’s. This is particularly important for the final signed documents. When inspecting signed documents, the certificate selected here is displayed and the document is shown as being signed by the owner of the certificate.

If no certificate is selected, a default self-signed certificate is used, and a warning appears at the top of each SignDoc Standard page, instructing the administrator to update the signing certificate.

  • The certificate password dialog box in the Manage Client accepts a maximum of 127 characters.
  • An already uploaded signing certificate cannot be replaced immediately with the same certificate. You have to delete the certificate first to prevent an error.