IFS Signing Service on Desktop
Note: To develop IFS Cloud Web pages with signing support, see: signdocument
Background¶
This document explains the process of digitally signing a document using hardware authentication device such as a YubiKey. Additionally, the document aims to provide insights into system-generated error messages and their corresponding interpretations.
Requirements¶
-
The "Signing Certificate" must be installed in the "Digital Signature (Slot 9c)" of the YubiKey.
Supported YubiKey Models
In general, any YubiKey model that provides PIV-compatible Smart Card support is compatible with the IFS Signing Service.
We recommend the following YubiKey models:
- YubiKey 5C
- YubiKey 5Ci
- YubiKey 5C NFC
-
The "IFS Signing Service" desktop client must be installed on the system. This can be acquired through the Add-on page and is available as a Windows Installer (.MSI) package.
Signing Documents¶
Certain pages in IFS Cloud allows you to digitally sign documents. Once you finish updating all the required information in a page that supports digital document signing, you will be presented with the "Electronic Sign Dialog" dialog.
Note: "Electronic Sign Dialog" generates a PDF document and provides you a preview of the document which you are about to sign. Once you review this document and click the "Sign" button.
- Once you click the "Sign" button, pop-up message will prompt you with a request to open "IFS Signing Service" desktop client through a custom browser protocol.
- Press the "Open" button in the pop-up message to start the "IFS Signing Service" desktop client.
Important: Ensure that your YubiKey is connected to the device during this step.
Note: If you haven't connected your YubiKey, the desktop client will not permit you to enter the PIN. Please connect the YubiKey and then click "Rescan."
- If the YubiKey is already connected with the device, "IFS Signing Service" will allow you to enter the PIN.
Once the associated PIN is entered, press "Sign" button to digitally sign the document.
Note: The "IFS Signing Service" desktop client will carry out the signing process.
- If the signing process is successful, the desktop client will close automatically and the status of the process will be visible in the "IFS Cloud Web client" window.
Note: If the signing process failed, the desktop client will remain open with a relevant error message. This error message can be dismissed using the "OK" button.
An error message will also be prompted in the "IFS Cloud Web client".
Version Compatibility¶
In order to assure compatibility with the middle tier, "IFS Signing Service" will carry out a version check against the server. If the versions are compatible, signing will proceed without any interruptions. If not, you will receive an error message.
If the version check fails, it's likely that you have an older version of "IFS Signing Service". You can check the compatible version for the IFS Cloud installation by visiting the Add-on page from the environment's Landing Page.