Validating Signatures
When a document has been signed, you can validate the signatures on the document. Validating a signature determines that the document content has not been modified since it was signed, that the certificate can resolve to a trusted root authority, and that the certificate chain does not have any revoked members. If all of these things are true, the signature will be listed as valid; if not, the signature will be listed as invalid.
Countersignatures of existing signatures can also be validated. In addition to the criteria listed above for all signatures, countersignatures will only be listed as valid if the signatures that they countersign are also valid.
Tip: You can perform a batch validation on many documents at once. See Batch Signature Validation for more information.
Valid and Invalid Signatures
When validating a signature, two major elements are checked: the contents of the document, and the signing certificate. If either element is no longer valid, then the signature as a whole is invalid.
A signature validation will check the contents of the document to determine whether they have been modified. If the document's electronic file portion, image pages, signature comments, or signature image have been altered since signing, the signature will no longer be valid. (Page text, metadata, and annotations can be modified without invalidating a signature.)
A signature validation will also check the signature's signing certificate. In order for the signature to be valid, it must be able to resolve to a trusted root authority. If no trusted root authority can be resolved, the signature will become invalid. In addition, none of the members of the certificate chain may be revoked; if any have been revoked, the signature will become invalid.
Finally, countersignatures rely on the validity of the signatures they sign in addition to the elements above. If a signature becomes invalid, its countersignatures will also automatically become invalid.
Once a signature is invalid, it will remain invalid permanently. However, a user can remove the signature and sign the document again to create a new, valid signature.
Note: Certificate expiration will not cause a certificate to become invalid, but it will prevent new signatures from being applied with that certificate.
Validating Signatures
You can validate all the signatures on a document, or validate individual signatures. If your document is under version control, you can also validate signatures by version; see Versions and Digital Signatures for more information. If you do not choose to validate to a specific version, the validation process will validate against the current version.
To validate all signatures on a document
In the Laserfiche Windows client
- Open the Digital Signatures dialog box in one of the following ways:
- Right-click the document and select View Signatures.
- Open the Tasks drop-down menu, point to Digital Signatures, and select View Signatures.
Open the Metadata dialog box or Metadata Pane. Select the Signatures tab.
- The Digital Signatures dialog box will open. Click Validate to validate the signatures on the document. If there are many signatures on a document, this may take a few seconds.
- Each signature will be marked as valid or invalid. If a signature is valid, it will be marked with a green check mark. If a signature is invalid, it will be marked with a red X. Invalid signatures will also list the reason they are invalid.
To validate one specific signature on a document
In the Laserfiche Windows client
- Select a document, then open the Digital Signatures dialog box in one of the following ways:
- Right-click the document and selecting View Signatures.
- Open the Tasks menu, point to Digital Signatures and select View Signatures.
Open the Metadata dialog box or Metadata Pane for any document. Select the Signatures tab.
- The Digital Signatures dialog box will open. Click the name listed after Signed By for the signature you want to validate. The Signature Details dialog box will open.
- Click the Validate button at the top of the dialog box. If the signature is valid, a green check mark will appear. If the signature is invalid, a red X will appear, and the reason the signature is invalid will be displayed.