TX Text Control can be used to digitally sign Adobe PDF and PDF/A documents with X.509 certificates. The certificate can be assigned in the SaveSettings TX Text Control .NET Server for ASP.NET
TXTextControl Namespace
SaveSettings Class
The SaveSettings class provides properties for advanced settings and information during save operations.
class when saving document.

Creating Adobe PDFs

Consider the following Web API code that accepts a document in the internal TX Text Control format as a Base64 encoded string and returns a signed Adobe PDF document as a Base64 encoded string which is a typical practice for document APIs.

public string ExportPDF(string document)
byte[] bPDF;
using (TXTextControl.ServerTextControl tx = new TXTextControl.ServerTextControl())
X509Certificate2 cert = new X509Certificate2
TXTextControl.SaveSettings saveSettings = new TXTextControl.SaveSettings()
DigitalSignature = new TXTextControl.DigitalSignature(cert, null)
// save the document as PDF
tx.Save(out bPDF, TXTextControl.BinaryStreamType.AdobePDFA, saveSettings);
// return as Base64 encoded string
return Convert.ToBase64String(bPDF);
view raw api.cs hosted with ❤ by GitHub

In this case, a X509Certificate2 is created from the certificate file textcontrolself.pfx and the private key password.

After the document has been created and is opened in Acrobat Reader, the valid signatures are shown in the Signatures sidebar:


Creating the Self-Signed Certificate

In the next steps, a self-signed certificate is created using Windows PowerShell.

  • Use the New-SelfSignedCertificate PowerShell cmdlet to create a self signed certificate. Open a PowerShell and type in the following command:

    New-SelfSignedCertificate -Type Custom -Subject "CN=Text Control, O=Text Control, C=US" -KeyUsage DigitalSignature -FriendlyName "TextControlSelf" -CertStoreLocation "Cert:\CurrentUser\My" -TextExtension @("{text}", "{text}")
    view raw Powershell.ps hosted with ❤ by GitHub

    After running this command, the certificate is added to the certificate store (specified in the "-CertStoreLocation" parameter). The output of the command shows the certificate's thumbprint.

    PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\My
    Thumbprint Subject
    ---------- -------
    6BA35B742656FB2EC48B09116ABAE5123082F116 CN=Text Control, O=Text Control, C=US
    view raw Powershell.ps hosted with ❤ by GitHub
  • Copy this thumbprint and insert it into the following command:

    $password = ConvertTo-SecureString -String yourpassword -Force -AsPlainText
    Export-PfxCertificate -cert "Cert:\CurrentUser\My\6BA35B742656FB2EC48B09116ABAE5123082F116" -FilePath textcontrolself.pfx -Password $password
    view raw Powershell.ps hosted with ❤ by GitHub
  • The file textcontrolself.pfx is created in the same folder. Copy this to your application's folder from where you want to load the certificate (App_Data in our Web API sample above).

In real-world applications, the private key can be also accessed from the certificate store. In this case, make sure that the current user (IIS_IUSRS) has full access.