Skip to main content
Penneo status page
Learn more
Dansk Français Nederlands

Validating Signatures and Seals

Niklas Dunker Gammelmark
  • Updated

Validating Signatures and Seals

When you validate a Penneo-signed document in external tools like the EU DSS Validator or Adobe Reader, you might notice that only the document Seal is immediately visible.

This article explains why this happens and provides step-by-step instructions on how to extract and validate individual signer signatures.

Frequently Asked Questions

  • Why do the EU DSS Validator and Adobe Reader only show a Qualified Electronic Seal?

    Penneo automatically applies a Qualified Electronic Seal to every signed PDF to guarantee the document's integrity. The individual signers' signatures and personal certificates are securely embedded inside the PDF as attachments.

  • My document was signed with a Qualified Electronic Signature (QES), so why do I only see a Seal?

    Because the document is sealed as a whole, validation tools read the top-level Seal first. To view and validate a specific user's QES or AdES (Advanced Electronic Signature), you must extract their signature file from the PDF attachments.

Step 1: How to Extract the Signature Files

To validate individual signatures, you first need to download the hidden verification files from the PDF. We use Adobe Reader in this example, but any standard PDF viewer will work.

  1. Open your signed PDF document in Adobe Reader.

  2. Click the Paperclip icon in the left-hand side menu to open the Attachments panel.

  3. Locate the files for the signer you want to validate:

    • Right-click on the XML file named Signature for... and save it to your computer.

    • If applicable: Right-click on the file named Signed data for... and save it as well.

📄 Note on Signature Types and Files:

  • Advanced Electronic Signatures (AdES): Contains 2 files per signer (Signature for... and Signed data for...).

  • Qualified Electronic Signatures (QES): Contains only 1 file per signer (Signature for...). QES is used with methods like itsme®, Norwegian BankID, .beID, and ID Verifier.

Step 2: How to Validate in the EU DSS Validator

Once you have extracted the necessary files, go to the official EU DSS Validator and follow the specific steps below based on what you want to verify.

1. Validating the Document Seal

To verify that the document has not been altered since it was finalized:

  1. Go to the EU DSS Validator.

  2. In the Signed file field, upload the complete PDF document.

  3. Click Submit.

2. Validating an Advanced Electronic Signature (AdES)

To verify an AdES signer:

  1. Go to the EU DSS Validator.

  2. In the Signed file field, upload the XML file that begins with Signature for....

  3. In the Original file field, upload the XML file that begins with Signed data for....

  4. Click Submit.

AdES signature - DK.png

3. Validating a Qualified Electronic Signature (QES)

To verify a QES signer:

  1. Go to the EU DSS Validator.

  2. In the Signed file field, upload the single XML file that begins with Signature for....

  3. Leave the Original file field empty.

  4. Click Submit.

QES sugnature.png

Need More Help?

For a deeper dive into signature compliance and verification, please see our related articles:

  • Electronic Signature & Electronic Seal Standards

  • Verifying the validity of digital signatures

Related to

Related articles