Question: I want to have a better understanding of how the SDK verifies the signatures and timestamps on the PDF. Adobe Reader verifies signatures against the AATL, so how does the Apryse SDK do it?
Answer:
In order to perform digital signature verification, the SDK requires the signer certificates to verify against. These can be added via the VerificationOptions.AddTrustedCertificate() method (see documentation here for more info).
First, the SDK builds all certificate paths from the signer certificate to a trusted root and check the expiration date for all certificates to establish trust. If the provided path to the certificate exists and they are not expired, trust is established.
Related:
If you are experiencing issues with Timestamping where the token verification failed, you can refer to the below forum post to diagnose further: