have user certificates and configured certification authority;
fill in and save all the signature templates in Administration – Document Management – Digital Signature Templates;
have permissions to sign documents. The permissions are assigned in Administration – Document Management – Permissions for Accessing Document Management Section.
For the certificates to work correctly, you have to configure the certification center and get the root and user certificates.
Certification authority is a component that manages users' encryption keys.
As a certification server, you can use Windows Server 2003 or higher. The certification server can be installed on the same hardware as ELMA server or on separate one.
The certification authority works with encryption providers.
Encryption provider is an independent module, which allows managing users' encryption keys. In ELMA, you can use external or internal encryption providers.
Internal encryption provider creates signatures using standard Windows (RSA, DSA) algorithms with 1024 bit. Internal encryption provider works in Internet Explorer only. It also requires CAPICOM plug-in for correct work.
External encryption provider (CryptoPro CSP) creates digital signatures with 512 bits, and works in all the browsers supported by ELMA but requires installing paid software.
With required access permissions, you can also configure encryption provider settings in the user profile in the Security and Sign Document blocks (fig. 1).
Fig. 1. User profile
To set an encryption provider for signing documents with a digital signature, click Select encryption provider for signing in the Sign Document unit.A dialog box will open (fig. 2).
Besides, in this dialog box (fig. 2) you can change the digital signature type used by default. Check the respective box and choose one of the digital signature types (fig. 3). For more detail on digital signature types, see the respective Help page.
Fig. 3. Select Encryption Provider dialog box. List of available digital signature types
In a similar way you can select the Encryption provider for signing in to the system.