The sealing and signing service

The web service method Seal provides:

  • Electronic sealing of an input file (data) with a qualified electronic seal certificate, which is:

    • Uploaded using the 602 ID account user interface in the SecuSign secure storage – Azure KeyVault.

    • Generated in a qualified device (HSM) for the Remote sealing service.

    • Generated on a customer’s local qualified device (HSM).

    • Installed in a system certificate store, or located in a PFX file, on an SDK server.

  • Electronic signing of an input file (data) with a qualified electronic signature certificate, which is:

    • Generated in a qualified device (HSM) for the Remote signing service.

Additionally, the web service method SealEx provides:

  • Electronic signing / sealing of an input file (data) with a visualization and reason / place of signing / sealing.

The output of both methods is an electronically sealed or electronically signed document or an external signature/seal, with a qualified time stamp.

The qualified time stamp is drawn using an authentication certificate or basic authentication (name/password) from the time stamp provider’s URI specified in SecuSign SDK configuration. The default SDK configuration receives a qualified time stamp from PostSignum QTSP.