Unable to Distinguish Between Corrupted and Unverifiable Signatures in WebViewer

w.bonazzoli · July 18, 2025, 7:32am

WebViewer Version:

Do you have an issue with a specific file(s)? No
Can you reproduce using one of our samples or online demos? Yes
Are you using the WebViewer server? No
Does the issue only happen on certain browsers? No
Is your issue related to a front-end framework? No
Is your issue related to annotations? No

Hello Apryse Support,

I am currently testing PDF digital signature validation using your WebViewer, specifically through your public demo at JS Digital Signature Demo | Apryse WebViewer.

I have two PDF files:

One contains a signature with unknown validity, which Adobe Acrobat displays with a yellow warning icon.
The other contains corrupted digital signatures, which Acrobat displays with a red cross indicating the signature is invalid.

However, when I upload both PDFs to your WebViewer demo, they both show the same yellow status icon, and I am unable to tell which one has an unverifiable signature and which one has corrupted signatures.

In my own implementation using WebViewer, I’m calling:

await doc.verifySignedDigitalSignatures(opts);

However, for both PDFs, the returned status is always:

Core.PDFNet.PDFDoc.SignaturesVerificationStatus.e_untrusted

I am attaching:

The two PDF files I used
Screenshots showing how each appears in Adobe Acrobat (to highlight the difference)

My goal is to detect whether a signature is invalid, unverifiable, or potentially valid using WebViewer, i already have .

Could you please confirm:

Whether WebViewer supports detecting these signature status distinctions?
If yes, how can I access that information or other API methods)?
If this is not currently supported, is there a known workaround or any roadmap plans?

tiger_withApprovalField_certified_approved_ORIGINAL.pdf (51.1 KB)
TIGERVALID_ROTTO.pdf (104.1 KB)

Thank you very much for your assistance.

Best regards,
William

system · July 18, 2025, 7:33am

Hello, I’m AiRon, an automated tech support bot
While you wait for one of our customer support representatives, I can help you with your question.

It seems you are facing difficulties in distinguishing between corrupted and unverifiable digital signatures using WebViewer. WebViewer’s current capabilities may not fully distinguish these subtle differences in signature validity status as Adobe Acrobat does, particularly when it comes to differentiating between a signature that is untrusted due to unknown validity and one that is corrupted.

Some things you can try:

Use the verifySignedDigitalSignatures method to get detailed information about each signature’s status. While it may return a status of e_untrusted, you can further inspect the signature object for additional details.

Check if there are any specific error messages or warnings provided by the verifySignedDigitalSignatures method that might offer more insight into the signature’s state.

Consider implementing additional logic to handle different signature verification statuses based on specific requirements or use cases.

Here are some resources that might help you:

WebViewer Signature Guide: Explore how to work with digital signatures in WebViewer.

Full API Samples for WebViewer: Check out examples on how to validate digital signatures.

Interacting with Signature Fields: Learn about the differences between signing methods and how to interact with signature fields.

Viewer Digital Signature Validation Test: This sample demonstrates how to view digital signature validation information in a PDF document.

Add Long-Term Validation (LTV) Information: Learn how to add LTV information to ensure long-term validation of signatures.

Hopefully, this helps you solve your problem while you wait for a human to get back to you.

w.bonazzoli · July 24, 2025, 6:19am

Dear Apryse Support,

I’m following up on my ticket regarding digital signature validation in WebViewer. I’ve received the automated response, but I’d appreciate any further input from your support team.

Additionally, could you please advise how to enable the panel that displays signature validity (as shown in your demo)? If available, an Angular example or code snippet would be very helpful.

https://sdk.apryse.com/samples/web/samples/full-apis/ViewerDigitalSignatureValidationTest/?_gl=1*t0h57u*_gcl_au*MTQ2NjI4MTk4NS4xNzUwMjU2MDM1*_ga*OTAwOTE4MDYzLjE3NDA1NTg1NDU.*_ga_S9LESQW29R*czE3NTMyNzU4ODgkbzM0JGcxJHQxNzUzMjc1ODkwJGo1OCRsMSRoMTM3OTIxMjM5Nw..

Thanks in advance for your support!

Best regards,
William

jromanocarlsen · July 25, 2025, 9:51pm

Hello @w.bonazzoli,

Thank you for posting on our forum,

We are currently investigating your issue and will reach out once we have an update.

Best Regards,
Jacob Romano Carlsen
Web Development Support Engineer
Apryse Software Inc.

jromanocarlsen · July 30, 2025, 10:11pm

Hello @w.bonazzoli,

If you have not already, please see our guide here on Verifying Digital signatures using our SDK: https://docs.apryse.com/web/guides/signature/verify-pdf

In the above guide, we discuss verification statues similar to the ones you described, such as untrusted, unsupported, and verified. Additionally, if you want a more detailed sample of how we can verify Digital Signatures, you can find our sample code here: https://docs.apryse.com/web/samples/digitalsignaturestest

What options are you passing into the verifySignedDigitalSignatures() API call? The untrusted verification status is returned whenever WebViewer could not verify trust for at least one signature, but you can likely avoid this status by setting current VerificationOptions. You can find the VerficiationOptions you can configure here: https://sdk.apryse.com/api/web/Core.PDFNet.VerificationOptions.html

Best Regards,
Jacob Romano Carlsen
Web Development Support Engineer
Apryse Software Inc.