Class SignerCertificateInfo
Contains the X.509 certificate details of the signer of a digitally signed PDF document. Exposes certificate metadata such as Subject DN, Issuer, Serial Number, validity period, convenience identity fields (CN, Organization, Country, Email, SubjectSerialNumber), and raw DER-encoded certificate bytes.
This class is populated automatically when verifying PDF signatures via
PdfDocument.GetVerifiedSignatures() and is accessible through
SignerCertificate.
For advanced scenarios requiring the full .NET certificate object:
var x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(
verifiedSignature.SignerCertificate.RawData);
Inheritance
Namespace: IronPdf.Signing.Inspection
Assembly: IronPdf.dll
Syntax
public class SignerCertificateInfo : Object
SignerCertificateInfo is the object IronPDF C# code works with for signature inspection. It contains the X.509 certificate details of the signer of a digitally signed PDF document.
SignerCertificateInfo matters when an application needs to configure or invoke signature inspection from C# code. The class encapsulates the related options and behavior in a single object that is set up once and reused across render or processing calls. Typical scenarios include batch generation pipelines, templated document workflows, and integration with existing C# document services.
To use SignerCertificateInfo, instantiate or obtain it from the relevant entry point in the IronPDF C# API. Key properties include CertificateSerialNumber, CommonName, Country, Email. Assign options or invoke methods on the instance to configure or perform the operation. The create accessible pdfs 508 c sharp covers typical usage in C# end to end.
using IronPdf;
// Obtain SignerCertificateInfo from the relevant entry point in the IronPDF API
void Configure(SignerCertificateInfo instance)
{
var current = instance.CertificateSerialNumber;
instance.GetIssuerField();
}For the broader workflow, see the metadata guide in the IronPDF C# documentation. For broader context, the signature inspection portion of the IronPDF C# API contains related types that work with SignerCertificateInfo directly. SignerCertificateInfo exposes additional members beyond those highlighted above; the reference tables on this page list the full set. In application code, treat SignerCertificateInfo as a configured object that is constructed once and reused across operations rather than instantiated per call. Configuration is generally idempotent: assigning the same property value twice has the same effect as assigning it once. For diagnostic purposes, inspect the relevant SignerCertificateInfo property after each operation to confirm the configured state. See the constructors, properties, and methods tables below for the complete API surface of SignerCertificateInfo.
Properties
CertificateSerialNumber
Gets the certificate serial number as an uppercase hexadecimal string (e.g., "1A2B3C4D"). This uniquely identifies a certificate within the scope of its issuer.
Important: This is the certificate's own serial number assigned by the CA,
not the SERIALNUMBER OID from the Subject DN (which is a personal/national ID).
For the personal/national ID, use SubjectSerialNumber or
GetSubjectField("SERIALNUMBER").
Declaration
public string CertificateSerialNumber { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
CommonName
Gets the Common Name (CN) from the certificate's Subject DN.
This is typically the signer's full name or the entity name.
Equivalent to GetSubjectField("CN").
Declaration
public string CommonName { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
Country
Gets the Country (C) from the certificate's Subject DN as a two-letter ISO 3166-1 code.
Equivalent to GetSubjectField("C").
Declaration
public string Country { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
Gets the email address associated with the certificate, resolved from the Subject DN
(pkcs-9 emailAddress OID 1.2.840.113549.1.9.1) or falling back to the Subject Alternative
Name (SAN) rfc822Name extension.
Returns null if no email is present in either source.
Declaration
public string Email { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
IsExpired
Gets whether the certificate has expired based on the current UTC time.
Returns false if the validity dates could not be extracted from the certificate
(conservative - does not claim expired when dates are unknown).
All comparisons are performed in UTC to avoid timezone ambiguity.
Declaration
public bool IsExpired { get; }
Property Value
| Type | Description |
|---|---|
| System.Boolean |
IssuerDN
Gets the full Issuer Distinguished Name (DN) of the certificate authority that issued the signer certificate.
To extract individual issuer fields, use GetIssuerField(String).
Declaration
public string IssuerDN { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
NotAfter
Gets the end of the certificate's validity period (the "Not After" date). The certificate is not valid after this date. See also IsExpired and IsValidAt(DateTime).
Declaration
public DateTime NotAfter { get; }
Property Value
| Type | Description |
|---|---|
| System.DateTime |
NotBefore
Gets the start of the certificate's validity period (the "Not Before" date). The certificate is not valid before this date.
Declaration
public DateTime NotBefore { get; }
Property Value
| Type | Description |
|---|---|
| System.DateTime |
Organization
Gets the Organization (O) from the certificate's Subject DN.
Equivalent to GetSubjectField("O").
Declaration
public string Organization { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
RawData
Gets the DER-encoded raw bytes of the signer certificate. This can be used to construct a .NET System.Security.Cryptography.X509Certificates.X509Certificate2 for advanced scenarios such as chain validation or certificate pinning:
var x509 = new X509Certificate2(verifiedSignature.SignerCertificate.RawData);
string thumbprint = x509.Thumbprint; // SHA-1 thumbprint
A new copy of the byte array is returned on each access to prevent modification of the internal data.
Declaration
public byte[] RawData { get; }
Property Value
| Type | Description |
|---|---|
| System.Byte[] |
Sha256Thumbprint
Gets the SHA-256 thumbprint of the certificate as an uppercase hexadecimal string with no separators (64 characters). Useful for certificate identification and pinning.
Note: This is a SHA-256 thumbprint. Windows certificate stores use SHA-1 thumbprints
by default. To get the SHA-1 thumbprint, construct an System.Security.Cryptography.X509Certificates.X509Certificate2
from RawData and read its Thumbprint property.
Declaration
public string Sha256Thumbprint { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
SubjectDN
Gets the full Subject Distinguished Name (DN) of the signer certificate. This typically contains fields such as CN (Common Name), O (Organization), C (Country), SERIALNUMBER, and other identity attributes.
Example: "CN=John Doe,SERIALNUMBER=12345678,O=Acme Corp,C=US"
To extract individual fields, use GetSubjectField(String) or the convenience properties (CommonName, SubjectSerialNumber, etc.).
Declaration
public string SubjectDN { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
SubjectSerialNumber
Gets the SERIALNUMBER value from the certificate's Subject DN (OID 2.5.4.5). This is typically a personal identifier such as a national ID, tax ID, passport number, or similar identity number embedded by the certificate authority.
Important: This is not the certificate's own serial number. For the certificate's own serial number assigned by the CA, use CertificateSerialNumber.
Equivalent to GetSubjectField("SERIALNUMBER").
Declaration
public string SubjectSerialNumber { get; }
Property Value
| Type | Description |
|---|---|
| System.String |
Methods
GetIssuerField(String)
Extracts a specific field value from the Issuer DN by its short name (e.g., "CN", "O", "C") or numeric OID string (e.g., "2.5.4.3"). See GetSubjectField(String) for the full list of supported field names.
Declaration
public string GetIssuerField(string fieldName)
Parameters
| Type | Name | Description |
|---|---|---|
| System.String | fieldName | The short name or numeric OID of the field to extract. |
Returns
| Type | Description |
|---|---|
| System.String | The field value, or |
GetSubjectField(String)
Extracts a specific field value from the Subject DN by its short name (e.g., "CN", "SERIALNUMBER", "O", "C", "E", "OU", "L", "ST", "SN", "UID") or numeric OID string (e.g., "2.5.4.5").
Common field names:
| CN | Common Name |
| SERIALNUMBER | Personal/National ID (not the certificate serial) |
| O | Organization |
| OU | Organizational Unit |
| C | Country |
| E | Email Address |
| L | Locality |
| ST | State/Province |
| T | Title |
| SN / SURNAME | Surname (per RFC 4514) |
| GIVENNAME | Given Name |
| UID | User ID |
| ORGANIZATIONIDENTIFIER | Organization Identifier (eIDAS) |
Declaration
public string GetSubjectField(string fieldName)
Parameters
| Type | Name | Description |
|---|---|---|
| System.String | fieldName | The short name or numeric OID of the field to extract. |
Returns
| Type | Description |
|---|---|
| System.String | The field value, or |
IsValidAt(DateTime)
Checks whether the certificate was valid at the specified date and time.
Returns false if the validity dates could not be extracted from the certificate
(conservative - cannot confirm validity when dates are unknown).
All comparisons are performed in UTC to avoid timezone ambiguity.
Typical usage - verify the certificate was valid when the document was signed:
bool validAtSigning = sig.SignerCertificate.IsValidAt(sig.SigningDate);
Declaration
public bool IsValidAt(DateTime dateTime)
Parameters
| Type | Name | Description |
|---|---|---|
| System.DateTime | dateTime | The date and time to check against the certificate's validity period. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
ToString()
Returns a human-readable summary of the certificate including Subject DN, Issuer DN, certificate serial number, and validity period.
Declaration
public override string ToString()
Returns
| Type | Description |
|---|---|
| System.String | A formatted string summarizing the certificate details. |