High-volume document sealing service

High-volume document sealing service

The Entrust Signing Automation Service is a Cloud-based digital signing service that can be plugged in to your document applications and workflows in order to automatically generate Entrust-issued digital seals for your organisation's documents.

The service is designed for integrating into applications and platforms using our Signing Automation client.


While a digital signature represents a natural person (an individual), a digital seal represents a legal person (an Organization). Digital seals ensure that a document is tamper-proof and carries your verified Organization's name.



Keep ownership and control of your content

Trusted digital seals on documents provide real guarantees of ownership and integrity, as well as non-repuduation when combined with timestamping


Built for integration

The signing service is accessed via our Entrust Signing Automation Client, which is supported by major PDF tools and any PKCS#11-compatible environment.


A full service without hardware management

We provide and maintain everything for you: the HSM, the sealing software, the publicly-trusted certificates, and public timestamping and OCSP services.

  • Architecture
  • 特徴
  • Setup
  • インテグレーション


The Entrust Signing Automation Service can be called to generate a digital seal from a hash value that is sent by your document application. This seal is then embedded back into your document by your application.

A hash value is a fixed-length series of digits representing the content of your document. The Entrust Signing Automation Service never receives any sentitive information or intellectual property.

The following diagram illustrates a typical integration of the Signing Automation Service. It does not include the optional timestamping and OCSP flows.



Centralized Service

Delegate all Organization-signing activities to a central service that is entirely integrated to your existing applications and workflows.

六角形のアイコン - 回転速度計 - 緑色

High Volume

The Entrust Signing Automation Service was built for bulk signing, and will enable you to generate thousands of seals per year.


Quick Deployment

The service is deployed in the Cloud and accessible via a PKCS#11 client.


nShield HSM

The service leverages FIPS 140-2 Level 3 HSMs from our own datacenter.

clock icon in hex shape


Every seal generated can also be timestamped with our RFC 3161-compliant timestamping service.


LTV (Long-Term Validation)

Leverage our TSA (Timestamping Authority) and OCSP (Online Certificate Status Protocol) services to create Long Term Validation (LTV) seals and extend your seals’ lifetime.


The Signing Automation Service is accessed by a PKCS#11 client that we provide and which must be installed on your application.

In order to set up the signing service, we will provide you with a license to access a signing service where you will be able to generate a CSR.

If you are a new customer, we will also enroll you for an Entrust Certificate Services account, and your Organization will be verified. Once this is done, you will be able to order your publicly-trusted Document Signing certificate and add its public key to the signing service.
And voilà! You can start integrating your signing service to your application.


The Entrust Signing Automation service is guaranteed to be compatible with the following services:

  • Entrust Java Toolkit
  • iText 5/7 (Java)
  • Oracle/Open JDK

  • You are free to test the integration of our service to your custom environment, provided that it supports the PKCS#11 standard.