Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
picture of tbs certificates
picture of tbs certificates
Our products range

TBSSignaturePDFVerify checking tool

Case in general

This tool checks the validity of the signature appending on a PDF document. It also displays information about the certificate subject and issuer and about timestamping.

This verification checks:

  • the signature significance (all the document?)
  • the integrity of the signed document
  • the certificate used to sign (approved by the certification authority? expired? revoked?...)

Usable with command lines, it does not require any installation. Developed in a Java 1.6 environment, it is available for Linux and Windows platforms.

here is the launch command:

java -jar TBSVerifySignaturePDF.jar -in xxx


Tool argument of an essential parameter:

-in PDFfile

Optional parameters:

-ks keystore.p12 -pwd password -out revisionfile -proxyHost proxy -proxyPort numner -crl crl_file -proxyLogin login -proxyPasswd s3cret

Parameters details

-in PDFfile: the PDF file that is being checked.
-ks: a verification keystore (containing trusted root certificates). If not specified, the tool uses an internal keystore validated by TBS.
-pwd password: keystore password
-out revisionfile: create a revision_number.pdf file, with a number matching the revision number of the signature.
-proxyHost proxy: proxy alias or ip address
-proxyPort number: proxy port number
-proxyLogin: proxy connection login
-proxyPasswd: proxy connection password
-crl crl_file: if you specify an other crl file name


Verification of the PDF document: mydoc.pdf

java -jar TBSVerifySignaturePDF.jar -in mydoc.pdf

Signature of the PDF document mydoc.pdf with proxy information

java -jar TBSVerifySignaturePDF.jar -in mydoc.pdf -proxyHost -proxyPort 8080 -proxyLogin login -proxyPasswd s3cret

Signature of the PDF document mydoc.pdf with a keystore user

java -jar TBSVerifySignaturePDF.jar -in mydoc.pdf -ks myKeystore.jks -pwd s3cret

Nota: for files names, indicate absolute paths.

Application process

When launching the application you'll see 4 steps:

  • Step 1: displays the signature and revision number significance. Displays the subject and the issuer of the certificate and the lsit of CRLs found.
  • Step 2 : Indicates if the document has been modified.
  • Step 3: Downloading of CRLs and confrontation with the certificate.
  • Step 4: Displays information linked to timestamping.
  • Display of potential errors.

Error cases

You may have forget to specify the absolute path to the PDF file (or to the pkcs12 one) that you want to sign.


You may have forget the " -jar " expression before the jar file.


We'd like to thank Bruno Lowagie and Paulo Soares for the classes they publicly released under GPL license and that eased this tool development.