Manage Signing Certificates

You can manage signing certificates for an enterprise user as a system administrator, similar to an enterprise administrator on the web, if you are allowed to edit the user accounts section in the operator's role.

Add a Custom Signing Certificate

You can add a custom signing certificate that has already been generated in the signing server (i.e. ADSS), as a result of any third-party business application.

  1. Log in to SigningHub Admin with an administrator account, having the permissions to manage a certificate in the admin role.

  2. Click the 'Accounts' option from the navigation panel. The 'Accounts' screen will appear.

  3. Now click the menu icon adjacent to it, and select the "Edit Account" option.

  4. The Account Information screen will appear to display the account details. The screen comprises of two tabs: Personal Information and Signing Certificates.

  5. Click theicon on the Signing Certificates tab to add a Custom Signing Capacity.

  6. Provide all required information, including Capacity Name, Certificate Alias, Certificate (CER), Level of Assurance and Key Protection Option.

Basic Information

Fields

Description

Capacity Name

Certificate friendly name that appears on the signing dialog at signing time.

Certificate Alias

Certificate alias that was provided while generating the signing keys in the signing server i.e. ADSS.

Certificate (CER)

Certificate that was generated against the above certificate alias in the signing server i.e ADSS.

Level of Assurance

Select the level of assurance for a signing certificate that should be used for that particular signing certificate. The following values will be available to select: Advanced Electronic Signature (AES), High Trust Advanced (AATL) and Qualified Electronic Signature (QES) Advanced Electronic Signature (AES) will be shown as default selected value.

Key Protection Option

Select one of the available options from the list as per the certificate key. If your signing certificate was generated with a username/password or the intended certificate was generated for remote authorisation signing. The following values will be available to select: User Password and Remote Authorisation. User Password will be shown as a default selected value.

Set as default

Tick this checkbox for your signing certificate to be set as default. At the time of signing, your default signing certificate appears as selected by default in the signing dialog.

  1. Only one capacity can be set, as a default at a time. If a capacity is already set as default, then upon setting a new capacity as default, the previous will no longer remain a default signing capacity.

  2. Certificate Alias is a Unique Identifier for the signing certificate key and must be the same as specified in the ADSS.

  3. The Capacity Name should be unique, user-friendly (consisting of letters and digits) and should not be more than 100 characters.

Edit a Custom Signing Certificate

You can also update information for a custom signing capacity, if any changes are required, e.g. Capacity Name, Certificate Alias, etc.

  1. Log in to SigningHub Admin with an administrator account, having the permissions to manage a certificate in the admin role.

  2. Click the 'Accounts' option from the navigation panel. The 'Accounts' screen will appear.

  3. Now click the menu icon adjacent to it, and select the "Edit Account" option.

  4. The Account Information screen will appear to display the account details. The screen comprises of two tabs: Personal Information and Signing Certificates.

  5. Click the menu icon on the Signing Certificates tab and click Edit to update a Custom Signing Capacity.

  6. You can now update the required information. The Key Protection Option cannot be updated.

  7. Click on Save to apply the changes.

  8. A confirmation message appears when changes are saved.

Delete or Revoke a Signing Certificate

You can either delete an existing custom signing capacity or revoke a system-generated certificate if it's no longer in use for signing purposes.

  1. Log in to SigningHub Admin with an administrator account, having the permissions to manage a certificate in the admin role.

  2. Click the 'Accounts' option from the navigation panel. The 'Accounts' screen will appear.

  3. Now click the menu icon adjacent to it, and select the "Edit Account" option.

  4. The Account Information screen will appear to display the account details. The screen comprises of two tabs: Personal Information and Signing Certificates.

  5. Click the menu icon on Signing Certificates tab and select the 'Delete' or 'Revoke' option.

  6. A confirmation message appears. Click on YES to delete or revoke your signing certificate.

  7. A confirmation message appears on successful deletion or revocation. The certificate no longer appears in the certificate list after deletion or revocation.

  1. System-generated certificates can only be revoked from the SigningHub Admin by a System Administrator. An Enterprise Administrator cannot revoke a certificate from a SigningHub enterprise user.

  2. Custom certificates can only be deleted, but cannot be revoked by the Admin.

PreviousCreate a New AccountNextView Account Details

Last updated