Digital Signatures

Overview

A digital signature is a way to indicate that a document is authentic, has been signed by a particular person, and has not been modified since the signature was applied. They are no longer supported, but existing signatures created in earlier versions can still be viewed and validated.

How they work

When a document is digitally signed, a hash of the signed content (image pages, the electronic file, and other signature information) is created using. A personal Windows signing certificate is then used to sign the hash, and the result is stored in the database. This hash is used to verify the contents of the document during signature validation. This allows you to sign the document without modifying the document contents themselves.

The signing certificate also uses a certificate chain to connect the user certificate to a certificate authority. The certificate authority is the end of the certificate chain: if the chain is intact and valid, and the certificate authority is trustworthy, then the certificate can be trusted and, by extension, the signature can be trusted and the document's contents can be verified as consistent with the state it was in when it was signed. Certificates can either reference a third-party certificate authority or to an internal public key infrastructure as the certificate authority.

Creating new signatures is no longer supported.

Note: A digital signature in Laserfiche signs the document's electronic document content, page images, signature comments, and signing images. It does not sign page text, metadata, or annotations. Page text, metadata, and annotations can be modified without invalidating the signature; electronic document contents, page images, and signature details cannot.