Certificate Settings

Can I use the certificate that is hosted on an external server to counter-sign the document?

Yes. Certificate Settings allows you to configure signing certificate credentials so that the certificate that is hosted in the external server can be fetched and used to counter-sign the document.

Step 1: Login to emSigner Super Admin account. Click on ‘Settings’ tab to open the Admin Settings. Click on “Certificate Settings” under Admin settings

Certificate Settings tile under Admin Settings

Step 2: You will be navigated to the Certificate settings page, click on the ‘Create New‘ button.

Certificate Settings Page

Step 3: There are three types of Signing service available: Emudhra Signing, Azure Key Vault and Remote Signing.

For Emudhra Signing you need to configure the following fields to enable certificate settings

  • Certificate Serial Number – Enter the Serial Number of the Certificate that will be used for signing

  • Certificate Password – Enter the password of the certificate that will be used for signing

  • Signing API URL – Enter the URL from where the certificate needs to be fetched

Certificate Settings for Emudhra Signing

For Azure Key Vault you need to configure the following fields to enable certificate settings

  • Application(Client) ID – Enter the Client ID of the certificate setup in the Microsoft AKV

  • Client Secret – Enter the Client Secret that is generated in the Microsoft AKV account for the certificate

  • Key Identify – Enter the Key that is generated in the Microsoft AKV account for the certificate

  • Certificate Type - Select the option of either 'Organization' or 'Individual'

    • Organization - If this option is selected, the configured certificate will be used to counter sign all the documents originated by all the internal users

    • Individual - If this option is selected, the configured certificate will be available to be mapped against each individual user

  • Enable for Internal Users - If this checkbox is enabled, the configured certificate will be used to counter sign documents originated to all external users

Certificate settings for Azure Key Vault Certificate

For Remote Signing you need to configure the following fields to enable certificate settings

  • Application(Client) ID – Enter the Client ID of the certificate setup for using it in Remote Signing

  • Client Secret – Enter the Client Secret of the certificate

  • Key Identify – Enter the Key of the certificate setup

  • Certificate Type - Select the option of either 'Organization' or 'Individual'

    • Organization - If this option is selected, the configured certificate will be used to counter sign all the documents originated by all the internal users

    • Individual - If this option is selected, the configured certificate will be available to be mapped against each individual user

  • PIN Protection - If this checkbox is enabled, for the users to access the certificate, they will be forced to create a PIN for the first time and use the same next time onwards

  • Enable for Internal Users - If this checkbox is enabled, the configured certificate will be used to counter sign documents originated to all external users

Certificate Settings for Remote Signing Certificate

Step 6: The configured fields will be listed on the page. It can also be edited using the edit icon under the Actions column

Edit and Delete under Actions of Certificate Settings

Last updated