Skip to content

IFS Signing Service on Desktop

Note: To develop IFS Cloud Web pages with signing support, see: signdocument

Background

This document explains the process of digitally signing a document using hardware authentication device such as a YubiKey. Additionally, the document aims to provide insights into system-generated error messages and their corresponding interpretations.

Requirements

  • The "Signing Certificate" must be installed in the "Digital Signature (Slot 9c)" of the YubiKey.

    Supported YubiKey Models

    In general, any YubiKey model that provides PIV-compatible Smart Card support is compatible with the IFS Signing Service.

    We recommend the following YubiKey models:

    • YubiKey 5C
    • YubiKey 5Ci
    • YubiKey 5C NFC
  • The "IFS Signing Service" desktop client must be installed on the system. This can be acquired through the Add-on page and is available as a Windows Installer (.MSI) package.

Signing Documents

Certain pages in IFS Cloud allows you to digitally sign documents. Once you finish updating all the required information in a page that supports digital document signing, you will be presented with the "Electronic Sign Dialog" dialog.

Note: "Electronic Sign Dialog" generates a PDF document and provides you a preview of the document which you are about to sign. Once you review this document and click the "Sign" button.

Electronic Sign Dialog

  1. Once you click the "Sign" button, pop-up message will prompt you with a request to open "IFS Signing Service" desktop client through a custom browser protocol.

Invoke "IFS Signing Service"

  1. Press the "Open" button in the pop-up message to start the "IFS Signing Service" desktop client.

"IFS Signing Service"

Important: Ensure that your YubiKey is connected to the device during this step.

Note: If you haven't connected your YubiKey, the desktop client will not permit you to enter the PIN. Please connect the YubiKey and then click "Rescan."

YubiKey not connected

  1. If the YubiKey is already connected with the device, "IFS Signing Service" will allow you to enter the PIN.

Once the associated PIN is entered, press "Sign" button to digitally sign the document.

Note: The "IFS Signing Service" desktop client will carry out the signing process.

YubiKey not connected

  1. If the signing process is successful, the desktop client will close automatically and the status of the process will be visible in the "IFS Cloud Web client" window.

Signing sucessful

Note: If the signing process failed, the desktop client will remain open with a relevant error message. This error message can be dismissed using the "OK" button.

Signing error

An error message will also be prompted in the "IFS Cloud Web client".

Signing error

Version Compatibility

In order to assure compatibility with the middle tier, "IFS Signing Service" will carry out a version check against the server. If the versions are compatible, signing will proceed without any interruptions. If not, you will receive an error message.

Signing error

If the version check fails, it's likely that you have an older version of "IFS Signing Service". You can check the compatible version for the IFS Cloud installation by visiting the Add-on page from the environment's Landing Page.