How to implement digital signature with my existing web project

I'm working on the project where the user needs to do a digital signature on a document. I checked in the google and know about sinadura which is a desktop application but I need to invoke this into my web application. I installed alfresco community edition on Linux server (https://www.alfresco.com/thank-you/thank-you-downloading-alfresco-community-edition) and followed the instruction as below GitHub link. https://github.com/zylklab/alfresco-sinadura I've implemented successfully with above instructions. But Alfresco is the big project and given several other features too. But I don't need that and I just need to implement digital signature part into my own web application similar to alfresco How to implement the digital signature part in my existing project? Can anyone please give a suggestion

asked May 2, 2018 at 15:24 2,882 8 8 gold badges 27 27 silver badges 35 35 bronze badges

Hi All, Is there any way to develop this without alfresco or with alfresco but only for signing document i.e I want to open a document In iframe in my another web project with the 'sign' button. the program should open the document from particular location & start the signature process and store into the same/different location when user clicks sign button

Commented May 2, 2018 at 17:17

I don't want whole alfresco UI except sign with sinadura button action to my another web project( ie. built on a top of GWT).

Commented May 2, 2018 at 17:18

I would suggest that you start by explaining what type/format and level of digital signature you need. There are many ways of "digitally signing" a document: is it a PDF file, requiring a PAdES signature? Or do you want to generate a detached signature (XML, or CMS)? Also, how should your users actually sign? Using a smart card? You can have a look at the SD-DSS library, which could probably help you in some ways (github.com/esig/dss - disclaimer: I've worked on that project)

Commented May 3, 2018 at 9:28 @veebee: Users sign digitally using a smart card. I will look at SD-DSS library. Commented May 6, 2018 at 12:03 Please check if this answer stackoverflow.com/a/55676351/9659885 may be of some use. Commented May 27, 2019 at 0:35

3 Answers 3

The security restrictions of browsers do not allow javascript access to the system certificate keystore or smart cards. Formerly java applets could be used, but with the latest browser updates it is no longer possible.

Current solutions for digital signature in browsers require the installation of a desktop software on the user's computer. The operating process is as follows:

Installation: The user installs the desktop software on his computer. The software installs a self-signed certificate and includes an embedded browser that listens on a computer port and runs it as a service

  1. The web application requests a signature to the local software using a secure web connection. For example https://localhost:1234/sign?doc=xxxx. The browser waits for the result
  2. The local application receives the document, asks the user to select the certificate or enter the card and make the signature. As it is a local application, there are no security restrictions
  3. The web application receives the result. It can query the local application through a REST service or open a websocket.

The concept is simple (a web application that requests the signature to a local application), but the construction of an application of this type is quite complex because you have to take into account many other factors:

So I recommend using an existing solution:

Sinadura is also an open-source initiative, and from what I've seen it works in a similar way, but I do not know if it has important references and I have not found the API