Sign automatically with PDF signer Server

The PDF Signer Server software allows you to automate signature tasks (without any user intervention). This is possible via the command line, with a Powershell script or in .NET.
In the page below we will cover an example in command line and in Powershell script.

With command line

To automate the signing of documents from the command line, here are the parameters to be entered:

PDF Signer Server.exe <file | folder source> <file | folder destination> [<XML configuration file>]

• PDF Signer Server.exe: indicates the path where the executable of PDF Signer Server is located. By default, the path is: C:\Program Files\Secure Soft\PDF Signer Server\PDF Signer Server.exe


• <file | folder source> : indicate here the file to sign or the folder containing the documents to be signed.


• <file | folder destination> : enter the destination path of the signed file or of the folder that will contain the signed documents.


• [<XML configuration file>] : this is an optional parameter where you can specify an XML configuration file.

Note: however, you must configure the software for the first time via the graphical interface in order to choose a certificate. Otherwise you will get the following error:

An error has occured : Digital signature certificate is not set.

Here is an example of a command line to type to automate the signing of all documents in a folder

"c:\Program Files\Secure Soft\PDF Signer Server\PDF Signer Server.exe" c:\folder_not_signed c:\folder_signed

You can save this command in a .bat file that you just need to run to automate the signing.

Using a Custom XML Configuration File

you may need to have a different configuration depending on the documents to be signed (different certificate, signature location and appearance, ...). For that, launch the PDF Signer Server software and prepare your configuration. When finished, click File and Save configuration As... to save your configuration in XML format.

You can then use this file in the command line. Here is an example :

c:\Program Files\Secure Soft\PDF Signer Server\PDF Signer Server.exe" c:\folder_not_signed c:\folder_signed c:\personal_config.xml

With a Powershell script

First, download the library at this address: SignatureLibrary.zip

In the "PowerShell Scripts" folder, you will find several sample scripts for signing documents (PDF or Office). Here is an example of a Powershell script which uses a certificate present in a cryptographic token, with recording of the PIN code.

    #This script is configured to use a certificate from the Windows store (including that of a token).
    if ($args.Length -eq 0)
    {
        #Message if no argument is entered
        echo "Usage: signpdf.ps1 <file | folder source> <file | folder destination>"
    }
    else
    {
        #Loading DLL
        $DllPath = 'C:\Users\Administrateur\Desktop\test_powershell\SignLib.dll'
        [System.Reflection.Assembly]::LoadFrom($DllPath)
        $DllPathITextSharp = 'C:\Users\Administrateur\Desktop\test_powershell\iTextSharp-4.1.6.dll'
        [System.Reflection.Assembly]::LoadFrom($DllPathITextSharp)


        #Reading the PDF source file
        $sign = new-object -typeName SignLib.Pdf.PdfSignature("serial number")
        $sign.LoadPdfDocument([System.IO.File]::ReadAllBytes($args[0]))
    

        #To automate the signature of the document, you must indicate a "unique" selection criteria to the script (email, thumprint, serial number, ...)
        $criteria = "EmailE" #type of search criteria (EmailE = email, CommonNameCN = CN, SerialNumber = serial number,...)
        $criteriaValue = "john.doe@tbs-certificats.com"

        #To bypass the PIN code request
        [SignLib.Certificates.DigitalCertificate]::SmartCardPin = "123456";
    
        #Retrieving the concerned certificate found in the Windows MMC
        $sign.DigitalSignatureCertificate = [SignLib.Certificates.DigitalCertificate]::LoadCertificate("validOnly", $criteria, $criteriaValue)

        #For the TimeStamp
        $sign.TimeStamping.ServerUrl = "http://ca.signfiles.com/TSAServer.aspx"

        #If need authentication
        #$sign.TimeStamping.UserName = "username"
        #$sign.TimeStamping.Password = "password"

        #LTV
        $sign.PadesLtvLevel = "IncludeCrlAndOcsp" #CRL et OCSP
        $sign.MaxCrlSize = 2048 * 1024 #maximum size of CRL
        $sign.SignatureStandard = "Cades"

    
        #Signature customization
        $sign.SigningReason = "I approve this document"
        $sign.SigningLocation = "TBS Certificats - 22 rue de Bretagne 14000 CAEN"
        $sign.SignaturePage = 1
        $sign.SignaturePosition = [SignLib.Pdf.SignaturePosition]::TopRight

        echo "Signature in progress..."
        [System.IO.File]::WriteAllBytes($args[1], $sign.ApplyDigitalSignature())
    }

Here is an explanation of how the script works:

• We fill in the DLLs necessary for the script
• The script reads the file provided in "source" argument
• We indicate which certificate to take into account for the signature with a specific search criterion
• Enter the token PIN code (if necessary)
• Possibility of informing the TimeStamp server as well as the LTV (Long Term Validation)
• Indication of different values ​​for the signature (custom message, location, on which page, ...)
• The script signs the document and saves it to the location provided in the "destination" argument

Useful links

• Sign PDF document with PDF Signer Server
• Official documentation: .NET library