Some test text!

Certify a documentkeyboard_arrow_down

Adding a certified signature field to a PDF in Ruby

To add a certification signature field to a PDF document and sign it:

# Open an existing PDF
doc =;

page1 = doc.GetPage(1);

# Create a text field that we can lock using the field permissions feature.
annot1 = TextWidget.Create(doc.GetSDFDoc,, 550, 350, 600), "asdf_test_field");

# Create a new signature form field in the PDFDoc. The name argument is optional;
# leaving it empty causes it to be auto-generated. However, you may need the name for later.
# Acrobat doesn't show digsigfield in side panel if it's without a widget. Using a
# Rect with 0 width and 0 height, or setting the NoPrint/Invisible flags makes it invisible. 
certification_sig_field = doc.CreateDigitalSignatureField(cert_field_name);
widgetAnnot = SignatureWidget.Create(doc,, 100, 200, 150), certification_sig_field);

# (OPTIONAL) Add an appearance to the signature field.
img = Image.Create(doc.GetSDFDoc, appearance_image_path);

# Prepare the document locking permission level to be applied upon document certification.

# Prepare to lock the text field that we created earlier.
certification_sig_field.SetFieldPermissions(DigitalSignatureField::E_include, ['asdf_test_field']);

certification_sig_field.CertifyOnNextSave(private_key_file_path, keyfile_password);

# (OPTIONAL) Add more information to the signature dictionary.
certification_sig_field.SetLocation('Vancouver, BC');
certification_sig_field.SetReason('Document certification.');

# Save the PDFDoc. Once the method below is called, PDFNet will also sign the document using the information provided.
doc.Save(outpath, 0);

Digitally sign PDF files
Full code sample which demonstrates using the digital signature API to digitally sign and/or certify PDF documents.

linkAbout certifying a PDF document

Unlike, approval signatures, there can be only one certification per PDF document. Only the first signature in the PDF document can be used as the certification signature. Certifying a document is like notarizing a document. The process of certifying a document is almost exactly the same as adding approval signatures with the exception of certification signatures requires an entry in the "Perms" dictionary.

linkAbout certifying a PDF/A document

If you want to certify a PDF/A document, it is best to convert to PDF/A first, then certify. This is because PDF/A changes the contents of the document, while digital signatures, including certifications, rely on the document's bytes remaining the same so that they can be digested and compared with the embedded cryptographic digital signature.

A DigitalSignatureField can be added before or after PDF/A conversion, since there aren't any requirements in PDF/A upon it.

The PDF/A-2 specification allows adbe.pkcs7.detached and adbe.pkcs7.sha1 certification-type or UR3-type cryptographic digital signatures, with or without secure timestamps, with or without embedded revocation information, which must be signed if present. A single SignerInfo must be present. Attribute certificates must not be used. The PDFNet SDK's signing support is sufficient to meet the requirements of PDF/A-2 compliance if used properly.

There shouldn't be any problem with retaining PDF/A compliance after digitally signing a document, so long as there is no annotation appearance for the digital signature field, or there is an appearance and that appearance conforms to PDF/A, i.e. e.g. sections 6.3.2 and 6.3.3 of the PDF/A-2 specification (ISO-19005-2).

An additional limitation of PDF/A for digital signing is the implementation limit that says that a conforming file shall not contain any string longer than 32767 bytes. Sometimes, signatures with a large amount of data will cause the Contents byte string in the digital signature dictionary to exceed this limit.

The PDF/A-2 specification also mentions the following:

A Widget annotation dictionary or Field dictionary shall not 
contain the A or AA keys. The NeedAppearances flag of the 
interactive form dictionary shall either not be present 
or shall be false.

Here is what 6.3.2 and 6.3.3 say about the annotation:

6.3.2 Annotation dictionaries

Except for annotation dictionaries whose Subtype value 
is Popup, all annotation dictionaries shall contain 
the F key. If present, the F key’s Print flag bit shall 
be set to 1 and its Hidden, Invisible, ToggleNoView, and 
NoView flag bits shall be set to 0.

Text annotations should set the NoZoom and NoRotate 
flag bits of the F key to 1.

NOTE The restrictions on annotation flags prevent the
use of annotations that are hidden or that are viewable 
but not printable. The NoZoom and NoRotate flags are 
permitted, which allows the use of annotation types that 
have the same behaviour as the commonly-used text 
annotation type. By definition, text annotations exhibit 
the NoZoom and NoRotate behaviour even if the flags are 
not set, as described in ISO 32000-1:2008, 12.5.3; 
explicitly setting these flags removes any potential 
ambiguity between the annotation dictionary settings and 
reader behaviour.

6.3.3 Annotation Appearances

Every annotation (including those whose Subtype value 
is Widget, as used for form fields), except for the two 
cases listed below, shall have at least one appearance 

-- Annotations where the value of the Rect key consists 
of an array where value 1 is equal to value 3 and value 
2 is equal to value 4.

-- Annotations whose Subtype value is Popup or Link.

A conforming reader shall render the appearance dictionary 
without regard to any other keys and values in the 
annotation dictionary and shall ignore the values of 
the C, IC, Border, BS, BE, CA, H, DA, Q, DS, LE, LL, 
LLE, and Sy keys.

NOTE 1 Requiring an appearance dictionary for each 
annotation ensures the reliable rendering of the 

For all annotation dictionaries containing an AP key, 
the appearance dictionary that it defines as its value 
shall contain only the N key. If an annotation 
dictionary’s Subtype key has a value of Widget and 
its FT key has a value of Btn, the value of the N 
key shall be an appearance subdictionary otherwise 
the value of the N key shall be an appearance stream.

NOTE 2 In accordance with the requirements of 
and of ISO 32000-1:2008, a Button form field 
needs to have multiple appearance states, each one 
associated with the specific values that the button can take.

Get the answers you need: Support


Free Trial

Get unlimited trial usage of PDFTron SDK to bring accurate, reliable, and fast document processing capabilities to any application or workflow.

Select a platform to get started with your free trial.

Unlimited usage. No email address required.

Join our live demo to learn about use cases & capabilities for WebViewer

Learn more