Verify Signatures

This property box determines if, and how, the Get Document Signatures activity will verify the signatures it retrieves.

To configure Verify Signatures

1. Add the Get Document Signatures activity to your workflow definition by dragging it from the Toolbox Pane and dropping it in the Designer Pane.
2. Select the activity in the Designer Pane.
3. Under Verify Signatures in the Properties Pane, configure if, and how, the activity will verify signatures.



• Verify document signatures: Select this option to generate meaningful values for the Signature Is Trusted, Is Trusted, Signature Is Modified, and Is Modified tokens. The Signature Is Trusted token is a multi-value token that will note whether each signature is trusted or not trusted. The Is Trusted token notes whether all signatures are trusted or not trusted. If you do not select this option, these tokens will be given the default value of "True." The Signature Is Modified token is a multi-value token that will note whether the document was modified after each signature. The Is Modified token notes whether the document was modified after any signature. If you do not select this option, these tokens will be given the default value of "False."
• Verify certificate chain: Select this option to verify the whole chain of certificates behind the signatures on the document. If this option is checked, the Signature Is Trusted and Is Trusted tokens will only note signatures as trusted if their certificate chains are trusted as well. Show me an example.

Example: The certificate for a signature on the document is certified by Certificate Authority A, who is in turn certified by Certificate Authority B, who is certified by Certificate Authority C, who has a self-signed certificate. If you select this option, this activity will verify all the certificates in this chain and generate values for the Signature Is Trusted and Is Trusted tokens based on the trustworthiness of the entire chain.

• Only verify that the document hasn't changed: Select this option to only generate meaningful values for the Signature Is Modified and Is Modified tokens. Meaningful values for the Signature Is Trusted and Is Trusted tokens will not be generated.

Note: If you select the last option, the Signature Is Trusted and Is Trusted tokens will not be given meaningful values even if the first two checkboxes are selected.