Skip to main content
BuyLog In
Office File API
Search in…
Docs > PDF Document API > Examples > Document Protection > How To: Sign a PDF File with a Certificate Stored in the Windows Certificate Store
All docs
V25.1
    • Office File API
    Demo Application
    Prerequisites
    Install NuGet Packages
    Redistribution and Deployment (.NET Framework)
    .NET/.NET Core Support
    What's New
    Cloud Integration
    Blazor Integration
    Dockerize an Office File API Application
    Use Office File API in .NET MAUI Applications
    Backend Web/REST API for Office File API
    Load and Use Custom Fonts in Office File API
    Sign Office Documents
    Spreadsheet Document API
    Word Processing Document API
    PDF Document API
    Get Started
    Coordinate Systems
    Document Generation
    PDF Graphics API
    Manage Documents
    Additional Content
    Interactive Forms
    Annotations
    Document Security
    Printing
    XMP Metadata
    Examples
    PDF Graphics and Additional Content
    Interactive Form
    Extract Content from a PDF Document
    Document Protection
    How to: Protect a PDF Document with a Password
    How to: Use PdfDocumentProcessor to Add a Visual Signature to a Document
    How to: Sign a PDF Document with a Certificate Stored on a Hardware Device
    How to: Use Azure Key Vault API to Sign a PDF Document
    How to: Sign a PDF File with a Certificate Stored in a .PFX File
    How To: Sign a PDF File with a Certificate Stored in the Windows Certificate Store
    How to: Validate a PDF Document Signature
    Export a PDF Document to an Image
    Presentation API
    Excel Export Library
    Snap Report API
    Zip Compression and Archive API
    Barcode Generation API
    Unit Conversion API
    API Reference
    Download CHM

    How To: Sign a PDF File with a Certificate Stored in the Windows Certificate Store

    • 3 minutes to read

    The PDF Document API allows you to sign PDF files with certificates (X.509) and digital signatures (PKCS#7). For example, you can sign documents with certificates stored in the Windows Certificate Store.

    The following code snippet executes the following actions:

    • Creates a PKCS#7 signature with the localhost certificate stored in the Windows Certificate Store.

      Note: this certificate is intended for demonstration purposes only. In a production environment, use a trusted certificate issued by a recognized Certificate Authority (CA).

    • Applies a digital signature to a form field.

    • Signs a document with that signature.
    using System;
using System.IO;
using System.Linq;
using DevExpress.Office.DigitalSignatures;
using DevExpress.Office.Tsp;
using DevExpress.Pdf;
using System.Security.Cryptography.X509Certificates;

using (var signer = new PdfDocumentSigner("Document.pdf")) {
    //Specify the name and location of the signature field
    var signatureFieldInfo = new PdfSignatureFieldInfo(1);
    signatureFieldInfo.Name = "SignatureField";
    signatureFieldInfo.SignatureBounds = new PdfRectangle(20, 20, 150, 150);
    signatureFieldInfo.RotationAngle = PdfAcroFormFieldRotation.Rotate90;

    //Create a timestamp
    ITsaClient tsaClient = new TsaClient(new Uri(@"https://freetsa.org/tsr"), HashAlgorithmType.SHA256);

    string certificateSubjectName = "localhost";
    X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);
    // Search the certificate by the Subject Name 
    var storeCertificate = store.Certificates
        .Find(X509FindType.FindBySubjectName, certificateSubjectName, validOnly: false)
        .OfType<X509Certificate2>()
        .FirstOrDefault();
    store.Close();

    if(storeCertificate == null)
        Console.WriteLine($"Certificate with subject name '{certificateSubjectName}' not found.");
    else {
        Pkcs7Signer pkcs7StoreSignature = new Pkcs7Signer(
            storeCertificate, HashAlgorithmType.SHA256, tsaClient, null, null, PdfSignatureProfile.PAdES_BES);

        //Apply a signature to a new form field created before
        PdfSignatureBuilder storeSignature = new PdfSignatureBuilder(pkcs7StoreSignature, signatureFieldInfo) {
            Location = "USA",
            Reason = "Acknowledgement",
            Name = "Jane Cooper"
        };
        storeSignature.SetImageData(System.IO.File.ReadAllBytes("Signing Documents/JaneCooper.jpg"));

        //Sign and save the document
        signer.SaveDocument("SignedDocument.pdf", storeSignature);
    }
}
    See Also