High-volume document sealing service

High-volume document sealing service

The Entrust Signing Automation Service is a Cloud-based digital signing service that can be plugged in to your document applications and workflows in order to automatically generate Entrust-issued digital seals for your organisation's documents.

The service is designed for integrating into applications and platforms using our Signing Automation client.

What is a digital seal?

While a digital signature represents a natural person (an individual), a digital seal represents a legal person (an Organization). Digital seals ensure that a document is tamper-proof and carries your verified Organization's name.


rocket icon white

Keep ownership and control of your content

Trusted digital seals on documents provide real guarantees of ownership and integrity, as well as non-repudiation when combined with timestamping

gears icon white

Built for integration

The signing service is accessed via our Entrust Signing Automation Client, which is supported by major PDF tools and any PKCS#11-compatible environment.

robot icon white

A full service without hardware management

We provide and maintain everything for you: the HSM, the sealing software, the publicly-trusted certificates, and public timestamping and OCSP services.

  • Architecture
  • Features
  • Setup
  • Integrations


The Entrust Signing Automation Service can be called to generate a digital seal from a hash value that is sent by your document application. This seal is then embedded back into your document by your application.

A hash value is a fixed-length series of digits representing the content of your document. The Entrust Signing Automation Service never receives any sensitive information or intellectual property.

The following diagram illustrates a typical integration of the Signing Automation Service. It does not include the optional timestamping and OCSP flows.


platform orange icon in hex shape

Centralized Service

Delegate all Organization-signing activities to a central service that is entirely integrated to your existing applications and workflows.


High Volume

The Entrust Signing Automation Service was built for bulk signing, and will enable you to generate thousands of seals per year.

cloud purple in hex shape

Quick Deployment

The service is deployed in the Cloud and accessible via a PKCS#11 client.


nShield HSMs

The service leverages FIPS 140-2 Level 3 HSMs from our own datacenter.

clock icon in hex shape


Every seal generated can also be timestamped with our RFC 3161-compliant timestamping service.

increase icon

LTV (Long-Term Validation)

Leverage our TSA (Timestamping Authority) and OCSP (Online Certificate Status Protocol) services to create Long Term Validation (LTV) seals and extend your seals’ lifetime.


The Signing Automation Service is accessed by a PKCS#11 client that we provide and which must be installed on your application.

In order to set up the signing service, we will provide you with a license to access a signing service where you will be able to generate a CSR.

If you are a new customer, we will also enroll you for an Entrust Certificate Services account, and your Organization will be verified. Once this is done, you will be able to order your publicly-trusted Document Signing certificate and add its public key to the signing service.
And voilà! You can start integrating your signing service to your application.


The Entrust Signing Automation service is guaranteed to be compatible with the following services:

  • Entrust Java Toolkit
  • iText 5/7 (Java)
  • Oracle/Open JDK

  • You are free to test the integration of our service to your custom environment, provided that it supports the PKCS#11 standard.



    👋 Hello, if you have any
    questions, I'm ready to chat.

    Chat Now