Signature verification

Signature verification is the process of validation of a file which has a digital signature attached to it when exported by the server or remote software. It is used to verify that a file has not been altered by another application and to check the authenticity of a non-proprietary, exported file. In case the document attachment contains an invalid signature file, the user receives an error message on saving the document with the possibility to download the error report.

Open the Signature tab and expand the panel Signature Verification to configure the signature verification functionality.

To configure the signature verification functionality:

• Specify the general configuration functionality by selecting the corresponding check boxes. The following options are available:

  • Mathematical Check Only: Enables verification of only formal language.

  • Store Verification Report: Select the check box to enable the storage of the verification results as a separate file.

  • Require Qualified Certificates: Select the check box to enable the usage of certificates approved by authorities.

  • Require Non Repudiation: Select the check box to define that the signature certificate must have a non-repudiation flag in basic key usage to be accepted.

  • Use Included OCSP Values: Select the check box to enable the usage of OCSP (Online Certificate Status Protocol) values included in the signature instead of sending new OCSP requests.

  • Check Outdated Certificates: Select the check box to enable the verification of the certificate expiration date.

• The signature verification filtering functionality is similar to the filtering functionality for timestamping, for more details see Timestamping. The only difference is that instead of the certificate tracking mode you can specify the signature type.

• When ready, click Save to finalize the settings.