Signing based on National ID validation
Introduction
SigningHub supports local signing through unique RUT values that are exclusively assigned to each user. The users who wish to use the RUT based Go>Sign signing, need to modify the web.config files. The Go>Sign Desktop app has to be installed and should be running on your machine. Your RUT-based certificates that you want to perform signatures with, having the Subject Alternative Name value, must also be installed on your local machine. SigningHub supports the latest version of the Go>Sign Desktop app.
How it works?
Configure a Go>Sign signing profile as a prerequisite, in ADSS.
Modify the Web.config file, in SigningHub directory.
Configure a connector, in SigningHub Admin.
Configure a signing profile, in SigningHub Admin.
Add the signing profile to the service plan.
Add signing server to your enterprise user role.
Add the National ID to your Profile.
Sign the document via SigningHub Web.
Configure a Go>Sign Profile in ADSS
For local signing with RUT, a Go>sign profile is configured in Go>Sign Service.
Make the following configurations to a Go>Sign profile:
From the "General" section, copy the Go>Sign Profile ID because it would be used in SigningHub Admin.
In the "Keystore Settings" section, check "OS native API (MS CAPI & Mac Keychain)".
Modify the Web.config File in SigningHub Directory
To enforce the users to use the RUT values for signing, the Web.config file needs to be modified in the SigningHub Directory.
Make the following modifications to the web.config file:
Change the value of "ValidateRUT" tag to "True". Then save the changes and close the "Web.config" file.
Configure a Connector in SigningHub Admin
Make the following configurations to a connector in SigningHub Admin:
In the "Basic Information" section, choose "ADSS Server" as the "Provider".
In the "Details" section, fill in the required fields.
Configure a Signing Profile in SigningHub Admin
Make the following configurations to a signing profile in SigningHub Admin:
Paste the earlier copied Go>Sign Profile ID, while creating a Go>Sign Profile in the ADSS, in the highlighted field below:
Add Signing Profile to a Service Plan
Make the following configurations to a service plan in SigningHub Admin:
Select and add the earlier configured Signing Profile, in a service plan in SigningHub Admin, as shown below:
Allow Users to Add National ID
Make the following configurations to global settings in SigningHub Admin:
Check the "Allow Users to Add National ID" checkbox to allow the users to add their National ID to their profiles, as shown below:
Add Signing Server to a User Role in SigningHub Web
Make the following configurations to a user role in SigningHub Web:
Against your user role, in the "Signing Server Preferences" tab, add the signing server.
Add National ID to your Profile
Make the following configurations to your profile in SigningHub Web:
Copy the National ID, which is defined as the value of "Subject Alternative Name" from your certificate, and paste it in the "National ID" field, as shown below:
The National ID can also be provided at the time of new user registration.
Go>Sign Signing via SigningHub Web
To sign the document via SigningHub Web, follow the below-mentioned steps:
Open SigningHub Web and open a document having a signature field that you want to sign.
Double-click on the signature field and select the Go>Sign Signing Server. Upon selecting the signing server, the system will fetch all the certificates which have the same "Subject Alternative Name" value as the National ID, specified in your profile. If a National ID has not been provided or an invalid National ID has been provided, the system will not let the user sign the documents using the ADSS or CSC Signing Servers, given that the "ValidateRUT" tag in the web.config file has been set to "True".
Then click "Sign".
After signing the document, you can view "Signature Verification" details. The signatures are verified through the ADSS verification service.
Go>Sign signing supports PDF and XML document signing.
The National ID will be validated for both ADSS (as a local signing server) and CSC Signing Servers, if the "ValidateRUT" tag in the web.config file has been set to "True".
Last updated