There are many legal ways to digitally sign documents across the globe, and businesses can select their signing methods based on specific cases and compliance needs. These methods include:

• Using an app like Zoho Sign, where Zoho's certificate and signing keys are stored in Zoho's FIPS-compliant hardware security module (HSM) and used to sign documents.
• Signing with an individual's or organization's certificate via USB tokens or PFX files, where the certificate and signing keys are stored and managed by the end-users themselves.

As a complete digital signature app, Zoho Sign offers complete flexibility for users to sign documents with either of these methods. However, in some regions and regulated industries like finance, legal, health care, and government, it is preferred to use USB tokens or PFX files for higher identity assurance and legal compliance.

How to obtain a digital signature certificate from a trust service provider (TSP)

To receive a digital certificate, signers or organizations need to confirm their identity with a TSP that is approved in their region. Once issued, the digital certificate can be used for digital signatures.

Zoho Sign now offers digital certificate-based signatures in PFX format to help businesses in regulated industries sign documents with highest level of compliance. This also ensures document authentication and integrity.

What is a PFX file?

A PFX file is a password-protected certificate in PKCS#12 format. It has a public key and a private key; the public key is used to decrypt data, while the private key is used to encrypt data. The user's digital signature certificate and the certificate authority’s information are also included in a PFX file.

How to use a PFX file in Zoho Sign:

1. Attain the digital certificate from a TSP in PFX format.
2. Enable the PFX signing settings in Zoho Sign.
3. Upload the PFX file along with the password to Zoho Sign for encryption and storage.
4. Follow the usual steps to sign the document in Zoho Sign.
5. Select the PFX signing option from the Sign via dropdown.
6. Verify PFX-based signing by opening the signed document in Adobe Acrobat Reader's Signature Panel.
   

Setting up PFX-based signatures

This action can only be performed by administrators. Follow the below steps to enable PFX signing in your Zoho Sign setup.

1. From the left navigation pane, click Settings > Integrations and toggle PFX Signing to ON.
   
   
   
   
2. Once turned on, upload one of the two types of digital signature certificates:

1. Organization PFX: All users in your organization use a common organization certificate
2. Individual PFX: Each user has their own certificate

3. Click Save.
   
   
   
   
   
4. Click Configure. A new popup will appear where you can upload the PFX file and enter the PFX password.
   
   
   

5. Click Upload.

Note: Changing the digital signature certificate later will result in deletion of previously stored PFX files. You can also delete the uploaded file by clicking the delete icon.

Senders can now enforce their signers to sign documents only with PFX file when sent from Zoho Sign. Learn how.

Signing documents with PFX file

The signing experience remains the same until the final step, where the signer will select PFX file from the Sign via dropdown.

​

Checking for PFX-based signatures in signed documents

1. Open the signature properties of the downloaded signed document.
2. Click Show Signer's Certificate.
3. The Certificate Viewer will open, where the certificate details can be found.