Signing Automation Service
High-volume document sealing service
The Entrust Signing Automation Service is a Cloud-based digital signing service that can be plugged in to your document applications and workflows in order to automatically generate Entrust-issued digital seals for your organisation's documents.
The service is designed for integrating into applications and platforms using our Signing Automation client.
What is a digital seal?
Benefits
Trusted digital seals on documents provide real guarantees of ownership and integrity, as well as non-repudiation when combined with timestamping
The signing service is accessed via our Entrust Signing Automation Client, which is supported by major PDF tools and any PKCS#11-compatible environment.
We provide and maintain everything for you: the HSM, the sealing software, the publicly-trusted certificates, and public timestamping and OCSP services.
- Architecture
- Features
- Setup
- Integrations
Architecture
The Entrust Signing Automation Service can be called to generate a digital seal from a hash value that is sent by your document application. This seal is then embedded back into your document by your application.
A hash value is a fixed-length series of digits representing the content of your document. The Entrust Signing Automation Service never receives any sensitive information or intellectual property.
The following diagram illustrates a typical integration of the Signing Automation Service. It does not include the optional timestamping and OCSP flows.
Features
Delegate all Organization-signing activities to a central service that is entirely integrated to your existing applications and workflows.
The Entrust Signing Automation Service was built for bulk signing, and will enable you to generate thousands of seals per year.
The service is deployed in the Cloud and accessible via a PKCS#11 client.
The service leverages FIPS 140-2 Level 3 HSMs from our own datacenter.
Every seal generated can also be timestamped with our RFC 3161-compliant timestamping service.
Leverage our TSA (Timestamping Authority) and OCSP (Online Certificate Status Protocol) services to create Long Term Validation (LTV) seals and extend your seals’ lifetime.
Setup
The Signing Automation Service is accessed by a PKCS#11 client that we provide and which must be installed on your application.
In order to set up the signing service, we will provide you with a license to access a signing service where you will be able to generate a CSR.
If you are a new customer, we will also enroll you for an Entrust Certificate Services account, and your Organization will be verified. Once this is done, you will be able to order your publicly-trusted Document Signing certificate and add its public key to the signing service.
And voilà! You can start integrating your signing service to your application.
Integrations
The Entrust Signing Automation service is guaranteed to be compatible with the following services:
You are free to test the integration of our service to your custom environment, provided that it supports the PKCS#11 standard.
