Trusted Devices for Signing

Trusted certificates for signing – is a list of certificates, bound to the user account, which can be used for signing documents with digital signature.

You can set up the list of trusted certificates in the user profile, on the Trusted certificates for signing panel (fig. 1).

Fig. 1. User profile. Trusted certificates for signing panel

For users to be able to add, enable and/or delete certificates for signing, you must select No in the Forbid users to edit signature settings in their profiles field in Administration – System – Digital Signature Settings – General Settings. Note that you can work with certificates in Internet Explorer, Mozilla Firefox and Google Chrome.

To restrict signature of documents with digital signature to trusted certificates only, you need to:

make a list of trusted certificates for signing;
enable the Enable signing only with trusted certificates option in the Sign Document unit or on the page with the certificates list.

Adding a certificate to trusted certificates

There are two ways to add a certificate to trusted devices:

in the Sign Document unit, click Bind certificate for signing; in the opened dialog box (fig. 3), select a certificate and click Bind;
on the Trusted certificates for signing panel, click Edit. The Trusted Certificates for Signing page will open (fig. 2). Click Add Certificate on this page.

Fig. 2. A user's list of trusted devices for signing

After that a dialog box will open (fig. 3), where you must select the required certificate and if necessary specify additional parameters.

Fig. 3. Certificate Binding dialog box

Certificate^*– a drop-down list of available certificates, that have been installed earlier.

The Bind for all user's actions box allows binding the selected certificate for signing documents with digital signature, to signing in to the system with a certificate as well.

The Make a default certificate box is selected by default. This option is displayed only if the Allow signing only with the default certificate option is enabled in Administration – System – Digital Signature Settings – General Settings. If you check this box, the selected certificate will be used by default when signing with digital signature. If a different certificate is used when signing a document with digital signature a warning will be displayed (fig. 4).

Fig. 4. Signing a document with digital signature

Note, that if you make a certificate a default certificate (fig. 3), the Trusted certificates for signing page will display a respective checkbox next to the selected certificate (fig. 5).

Fig. 5. List of trusted certificates

To change the default certificate, check the box in another field (fig. 5). A notification will be displayed (fig. 6).

Fig. 6. Default certificate dialog box

After selecting a respective certificate and settings up the required parameters, click Bind (fig. 3). A dialog box with information on successful certificate binding will be shown (fig. 7).

Fig. 7. Certificate Binding dialog box

Note, that one certificate for signing can be bound to only one system user. If a user attempts to sign a document with digital signature using a certificate bound to another user, a warning will be shown (fig. 8).

Fig. 8. Signing a document with digital signature

Enable signing only with trusted certificates

After forming a list of trusted certificate, you can restrict signing of documents with digital signature to only trusted certificates. There are two ways to enable signing with trusted certificates only:

on the page with the list of trusted devices (fig. 2) click Enable signing only with trusted certificates;
in the user profile (fig. 1), Sign Document unit, click Enable signing only with trusted certificates.

A confirmation dialog box will open (fig. 9), where you need to click Yes.

Fig. 9. Trusted certificates dialog box

After that, the page with the list of trusted certificates will display a corresponding notification (fig. 10), and the Disable signing only with trusted certificates button will appear in the Sign Document unit (fig. 11).

Fig. 10. List of trusted certificates

Fig. 11. User profile. Sign Document unit

After that, signing of documents with digital signature will be possible only with trusted certificates. If you try signing documents with certificates, not added to trusted, a respective warning will be shown (fig. 12).

Fig. 12. Signing a document with digital signature

Deleting a certificate from trusted certificates

To delete a certificate from the list of trusted certificates, click

next to a certificate on the page with the list (fig. 2). After that, a confirmation dialog box will open (fig. 13). Click Yes.

Fig. 13. Deleting a certificate

Note, that if you enabled signing only with trusted certificates, you will not be able to delete the last certificate from the list. If you try to do so, a respective notification will be shown (fig. 14).

Fig. 14. Deleting a certificate