Sign, verify, and manage PDF documents with legally binding PAdES signatures. Corporate certificate pools, batch signing, hot folders, and full policy enforcement — entirely on your own server.
PAdES-T · Timestamp Verified
YesPDF implements the PAdES standard (ETSI EN 319 142), ensuring legal validity across EU member states and international jurisdictions.
| Level | Standard | What It Provides | Use Case |
|---|---|---|---|
| PAdES-B | Baseline | Digital signature with signer identity verification | Internal documents, routine signing |
| PAdES-T | Timestamp | Signature + RFC 3161 trusted timestamp proof | Contracts, legal documents, regulatory filings |
| PAdES-LT | Long-Term | Signature + timestamp + embedded revocation data | Archival, long-term validation (10+ years) |
All signature levels produce PDF files verifiable in Adobe Acrobat, Foxit Reader, and any PAdES-compliant viewer. No proprietary plugins required.
From personal certificates to automated batch processing, YesPDF covers every enterprise signing scenario.
Upload .p12/.pfx certificates. One-click signing with configurable reason and location. Visual signature drag-and-drop placement. Passwords AES-256 encrypted at rest.
Shared certificate management with role-based and group-based access control. Expiry tracking with automated alerts at 30, 15, 7, and 1 day before expiration.
Enforce organization-wide rules: minimum PAdES level, mandatory reason/location fields, default certificates. Applied per-role, per-group, or globally.
Sign hundreds of documents at once. Synchronous UI batch with real-time progress, or async queue for thousands of documents via background processing.
Drop PDFs into a watched folder — signed automatically. File stability checks, configurable I/O paths, multiple hot folders with different certificates.
Verify all embedded signatures: document integrity, signer identity, trust status, PAdES level, timestamp validity, and certificate expiry. Color-coded results.
Proactive monitoring with graduated alerts (30/15/7/1 day). Expired certificates auto-deactivated. Hot folders automatically skip expired certs. Dashboard and email notifications.
Full web-based configuration: certificate CRUD, signing policies, hot folder management, TSA configuration, default settings, and real-time statistics dashboard.
Integrate with ERP, accounting, and document management systems. Drop files, get signed PDFs — no human interaction required.
Only processes files that have stopped being written. Prevents signing mid-copy from network transfers.
Database-based leader election ensures exactly one instance processes files in load-balanced deployments. Automatic failover in ~30 seconds.
Every file processed is logged with status, file size, processing time, certificate used, and signer identity.
Stateless REST API for programmatic signing, verification, and batch processing. API-key authenticated with scope-based permissions.
// Sign a PDF and return it immediately // No document stored on server Content-Type: multipart/form-data X-API-Key: your-api-key file: invoice.pdf certificate_id: 5 p12_password: **** pades_level: pades-t reason: Approved location: Istanbul → Response: Signed PDF binary
// Async batch signing { "document_ids": [101, 102, 103, ...], "certificate_id": 5, "pades_level": "pades-t" } → Response: Job ID for polling
// Verify all signatures in a document → Response: JSON array of signature details (signer, integrity, trust, timestamps)
Auto-sign invoices via hot folder or REST API. Zero user interaction, fully audited.
Upload → Review → Sign → Share. Full lifecycle with verification.
PAdES-LT batch signing with embedded revocation data. Verifiable for 10+ years.
100% on-premise deployment. No cloud dependencies. No external API calls. All cryptographic operations performed locally.
PAdES-B/T/LT signatures per ETSI EN 319 142. Legally binding across all EU member states with qualified certificate support.
On-premise deployment ensures no data transfer outside your infrastructure. Complete audit trail for regulatory inspections.
Data sovereignty guaranteed. Encryption at rest, role-based access controls, and comprehensive data processing records.
Immutable audit trail for every signing operation. Role-based access, policy enforcement, and tamper-evident logging.
AES-256 encryption at rest and in transit. Access logging, session management, and document-level security controls.
Meets BDDK requirements for digital document management in financial institutions. On-premise with full data sovereignty.
| P12 Certificate Files | AES-256 with per-installation key |
| P12 Passwords | AES-256 with per-installation key |
| Signed PDF Documents | AES-256 with per-file random salt |
| Encryption Keys | Auto-generated, stored in .env |
| 👤 User identity | 📄 Document reference |
| 🔑 Certificate used | 📝 Signature type |
| ⏰ TSA URL | 🌐 Client IP |
| 📅 Exact timestamp of operation | |
Open standards, battle-tested libraries, no vendor lock-in.
The digital signature module is included in YesPDF Enterprise Edition. No per-signature fees. No external subscriptions.
Individual certificate upload and one-click signing
Shared certificate management with RBAC
Sync and async batch processing
Automated zero-touch signing
Programmatic sign, verify, batch
Full signature validation engine
Proactive certificate monitoring
Organization-wide rule enforcement
Immutable operation logging
Enterprise digital signatures, on your infrastructure. No cloud. No limits.
YES BILISIM TEKNOLOJILERI YAZILIM DANISMANLIK SAN. VE TIC. A.S.