Digital PDF Signing in .NET with IronPDF
"Signing" means three different things in IronPDF, and they are not interchangeable: a tamper-proof digital signature backed by a certificate, a visual stamp of a handwritten image, and an interactive field for a user to sign later. Their security properties differ, so the use cases split along that line. The cryptographic core is the PdfSignature class with an X509Certificate2 loaded from a .pfx or .p12 file, applied with pdf.Sign(...). That binds identity to content, so any later edit breaks the signature.
Tamper-evident contracts and agreements
The one most teams reach for first. A certificate signature proves the document is authentic and unaltered, and lets you embed an audit trail (reason, location, contact, date) and a trusted timestamp:
using IronPdf;
using IronPdf.Signing;
using System;
var pdf = PdfDocument.FromFile("contract.pdf");
var signature = new PdfSignature("certificate.pfx", "password")
{
SigningReason = "Contractual Agreement",
SigningLocation = "Chicago, USA",
SignatureDate = DateTime.Now,
TimeStampUrl = new Uri("http://timestamp.digicert.com"),
TimestampHashAlgorithm = TimestampHashAlgorithms.SHA256
};
pdf.Sign(signature);
pdf.SaveAs("contract-signed.pdf");using IronPdf;
using IronPdf.Signing;
using System;
var pdf = PdfDocument.FromFile("contract.pdf");
var signature = new PdfSignature("certificate.pfx", "password")
{
SigningReason = "Contractual Agreement",
SigningLocation = "Chicago, USA",
SignatureDate = DateTime.Now,
TimeStampUrl = new Uri("http://timestamp.digicert.com"),
TimestampHashAlgorithm = TimestampHashAlgorithms.SHA256
};
pdf.Sign(signature);
pdf.SaveAs("contract-signed.pdf");Imports IronPdf
Imports IronPdf.Signing
Imports System
Dim pdf = PdfDocument.FromFile("contract.pdf")
Dim signature = New PdfSignature("certificate.pfx", "password") With {
.SigningReason = "Contractual Agreement",
.SigningLocation = "Chicago, USA",
.SignatureDate = DateTime.Now,
.TimeStampUrl = New Uri("http://timestamp.digicert.com"),
.TimestampHashAlgorithm = TimestampHashAlgorithms.SHA256
}
pdf.Sign(signature)
pdf.SaveAs("contract-signed.pdf")A timestamp from a trusted authority gives cryptographic proof of when a document was signed, independent of the local clock — which matters for filings and regulated submissions.
Locking documents after signing
The SignaturePermissions setting controls what is allowed afterwards: NoChangesAllowed locks the document, FormFillingAllowed permits only field entry, and AnnotationsAndFormFillingAllowed also permits notes. Any disallowed action invalidates the signature, which suits issued certificates, approved policies, and finalized statements.
Multi-party approval workflows
Because PDFs support incremental saving, a signature applies to a specific revision. Each approver signs their own, and the history records who signed what, when, and what changed. This covers co-signing and sequential sign-off.
Verification and audit gates
A pipeline can refuse any document that fails to verify, then roll back or strip signatures:
var pdf = PdfDocument.FromFile("signed-report.pdf");
bool valid = pdf.VerifySignatures();
if (!valid)
{
pdf.RemoveSignatures();
pdf.SaveAs("report-unsigned.pdf");
}var pdf = PdfDocument.FromFile("signed-report.pdf");
bool valid = pdf.VerifySignatures();
if (!valid)
{
pdf.RemoveSignatures();
pdf.SaveAs("report-unsigned.pdf");
}Dim pdf = PdfDocument.FromFile("signed-report.pdf")
Dim valid As Boolean = pdf.VerifySignatures()
If Not valid Then
pdf.RemoveSignatures()
pdf.SaveAs("report-unsigned.pdf")
End IfVisible approval without cryptography
When you only need the look of a signature, not legal non-repudiation, stamp a scanned handwritten image with the stamp or watermark feature. Fine for internal sign-offs, as long as you stay clear about what it is.
Stamp or certificate, and two gotchas
Never let a stamped image stand in for a certificate signature. A stamp is pixels on a page: copyable, unverifiable, no guarantee the document is unaltered. A certificate signature is tamper-evident and ties identity to content cryptographically. Use the stamp for appearance, the certificate for proof.
Two things catch people out. Load the certificate with X509KeyStorageFlags.Exportable, or the private key cannot be used and signing fails. And if a viewer shows a warning rather than a green tick, the certificate is not in that viewer's trusted store; the signature is still valid, but trust must be established separately.
Frequently Asked Questions
What are the three types of PDF signing in IronPDF?
IronPDF supports: (1) cryptographic digital signatures backed by an X.509 certificate that bind identity to content and invalidate on tampering; (2) visual image stamps that place a handwritten-signature image on the page without cryptographic proof; and (3) interactive signature fields where a user signs later inside a PDF viewer.
How do I add a tamper-evident digital signature to a PDF in C#?
Load an X.509 certificate from a .pfx or .p12 file into a PdfSignature object, set the signing reason, location, date, and optionally a trusted timestamp URL, then call pdf.Sign(signature) and save.
What is the difference between a PDF digital signature and a visual stamp?
A digital signature cryptographically binds a certificate identity to the document content — any later edit breaks it. A visual stamp is just an image on the page: copyable, unverifiable, and it carries no guarantee the document is unaltered. Use stamps for appearance; certificates for legal proof.
Why does IronPDF fail to sign with 'private key not accessible'?
Load the X.509 certificate with the X509KeyStorageFlags.Exportable flag. Without it, the private key cannot be accessed for signing.
How do I verify and remove signatures from a PDF in IronPDF?
Call pdf.VerifySignatures() to check whether all signatures are valid. If the result is false, call pdf.RemoveSignatures() to strip them before reprocessing or re-signing.
Get started for FREE
Get started for FREE
Book Free Live Demo
No credit card or account creation required
