Digital Signatures (PKI)
Embed cryptographic digital signatures using X.509 certificates. Documents show as "Signed and Verified" in Adobe Reader, the highest level of trust for self-hosted e-signatures.
PKI Signature Capabilities
Enterprise-grade digital signatures that go beyond basic e-signatures.
X.509 Certificate Support
Upload your organization's .p12 or .pfx digital certificate to sign documents with verified organizational identity.
AATL Compatible
Adobe Approved Trust List compatible, signed documents show 'Signed and Verified' in Adobe Reader without warnings.
Long-Term Validation (LTV)
Embedded validation data ensures signatures remain verifiable even after the certificate expires.
Visual Signature Indicator
A visible digital signature block appears in the PDF showing signer identity, timestamp, and certificate details.
Certificate Chain Verification
Full certificate chain embedded in the PDF for independent verification by any PDF reader.
Organization Identity
Documents display your company name, not just the signer's name, essential for B2B and regulated industries.
Tamper Evidence
Any modification after signing triggers an 'Invalid Signature' warning in PDF readers, making tampering immediately detectable.
eIDAS Advanced (AdES)
PKI digital signatures, combined with Didit KYC identity verification, fully meet eIDAS Advanced Electronic Signature requirements, the strongest level available in WPsigner.
How It Works
Upload Certificate
Upload your organization's .p12 or .pfx certificate file in WPsigner settings. Enter the certificate password, it's stored securely and never transmitted.
Document Signed
When all parties sign, WPsigner applies the PKI digital signature to the PDF, embedding the certificate chain, timestamp, and validation data.
Verified in Adobe Reader
Opening the PDF in Adobe Reader shows a green checkmark with "Signed and all signatures are valid", no additional software needed for verification.
Frequently Asked Questions
What is a PKI digital signature?
A PKI (Public Key Infrastructure) digital signature uses cryptographic certificates issued by a Certificate Authority to verify the signer's identity and ensure document integrity. Unlike basic e-signatures (clicking 'Sign'), PKI signatures embed a cryptographic proof into the document that can be independently verified by any PDF reader.
Do I need to buy a certificate?
Yes, you need an X.509 digital certificate (.p12 or .pfx file) from a Certificate Authority. For documents to show 'Signed and Verified' without warnings in Adobe Reader, use an AATL-listed CA like GlobalSign, DigiCert, or Sectigo. Certificates typically cost $200-500/year depending on the provider and type.
What is Long-Term Validation (LTV)?
LTV embeds all necessary validation data (certificate chain, OCSP responses, CRL data) into the signed PDF. This means the signature can be verified even 10 or 20 years later, even if the certificate has expired or the CA no longer exists. This is critical for legal documents with long retention requirements.
Is this the same as eIDAS Qualified Electronic Signature?
No. PKI signatures in WPsigner meet the eIDAS Advanced Electronic Signature (AdES) level, especially when combined with Didit KYC identity verification (government ID + facial biometrics + liveness). Qualified Electronic Signatures (QES) require a Qualified Signature Creation Device (QSCD) and a certificate from a Qualified Trust Service Provider. AdES provides strong evidential value and is sufficient for the vast majority of business contracts.
Enterprise-Grade Digital Signatures
PKI digital signatures are included in every WPsigner plan. Just upload your certificate.
View Pricing