Products
Publisher - Trusted PDF Sealing Publisher Identity Validator
Pricing
Resources
API Docs CLI Docs Zapier Documenso
PDF Validator Download CLI
Support
Learn
Blog FAQ Announcements
Company / Contact
Sign in/up

Publisher - Trusted PDF Sealing

Pay-as-you-go PDF sealing (digital signature) using a Trusted Signatures Adobe-aligned digital ID, so recipients see the blue Certified banner in Acrobat/Reader.

PAdES + LTV Adobe Trusted EUTL-recognized
Adobe Acrobat Certified Banner
See Pricing Contact

Keep Your Tools, Gain Visible Trust

Publisher applies an Adobe-recognized seal via API, CLI, or Zapier—no new portals, no file uploads. In Acrobat/Reader, recipients get a blue “Certified” banner confirming who it’s from and that it hasn’t been altered. We take care of the certificate and renewal work behind the scenes.

When to seal your PDFs

When invoices, agreements, or filings must travel outside your systems and remain tamper-evident and audit-ready.

What Recipients See in Acrobat

Acrobat/Reader shows who sent it, whether it’s unchanged, and (if enabled) long-term validity—right on open. Results depend on the recipient’s viewer and trust settings. By default, Publisher seals use a Trusted Signatures OV organizational certificate; long-term verification is optional (RFC 3161 timestamp + OCSP/CRL).

Like a wax seal — modernized

Publisher stamps each PDF at the source with a tamper-evident, standards-based seal. If anything changes, the seal breaks; if authentic, Acrobat/Reader shows the blue “Certified” banner. Works alongside your e-signature tools—no PKI to build.

How it works

Connect. Use API, CLI, or Zapier; your files stay in your environment.

Seal. We apply an Adobe-aligned signature/seal (default signer: Trusted Signatures (OV); optional long-term verification).

Verify. Recipients open in Acrobat/Reader and see the blue “Certified” banner; you can also check files with our web Validator.

Learn more about the benefits of PDF sealing for businesses.

Tamper-evident PDF

Visible trust status in Adobe Acrobat: blue “Certified” banner confirms origin and integrity.

Policy controls (DocMDP)

Allow form fields and/or comments without breaking trust (DocMDP/FieldMDP).

Long-term verification (optional)

Timestamps + OCSP/CRL embedded for durable proof (LTV).

Try it now

Outcomes for your team

Fewer disputes, faster approvals, and auditable provenance. Acrobat makes integrity obvious so you review only the anomalies.

  • Fewer disputes & callbacks. Recipients see the blue “Certified” banner; “Is this legit?” support tickets drop."
  • Faster approvals. Acrobat/Reader’s Certified message speeds internal/external sign-off.
  • Tamper-evident records Edits are flagged; seals survive allowed changes.
  • Exception-based review. Teams focus only when integrity fails.
  • Audit-ready by default. Standards-based, clear provenance trails.
  • No workflow change. Drop-in CLI/API; keep your e-signature tools.

Why Teams Choose Publisher

  • No uploads - seal in place: Run via CLI/API where your PDFs already live; Acrobat shows integrity on open.
  • Acrobat-native & portable: ISO 32000/PDF and PAdES; optional LTV (RFC 3161 + OCSP/CRL); no vendor lock-in on sealed PDFs.
  • Granular policy controls: Use DocMDP/FieldMDP to allow forms/comments and lock specific fields without breaking trust.
  • Keys under custody: Non-exportable keys in FIPS 140-3 Level 3 HSMs; lifecycle and monitoring included.
  • No seat licenses or user quotas. Access via API/CLI keys; usage-based subscription for sealing—no per-envelope fees.

Designed for Your Team - No Portals or Envelopes

Most teams delay document security because OV management, key storage, and file handling look daunting. Trusted Signatures removes that barrier: a single /sign call pulls the right certificate, applies the seal, and returns a tamper-evident PDF in seconds—no multi-step workflow, no new UI, no hidden setup. No PKI to build or manage.

What this means for you:

  • SMBs & lean teams: Enterprise-grade document trust without extra headcount or training.
  • Developers & ops: Ship faster—sealing is one command in your pipeline, not a project.
  • Security & compliance: OV-level assurance, zero PKI or PDF tooling to maintain.

Capabilities

Seal in place (no uploads)

Trigger sealing from your app/exports; files never leave your systems

Tamper-evident sealing

Surfaces unauthorized changes in Acrobat/Reader

Certified banner & chain visibility

“Certified by Trusted Signatures” ribbon with issuer details

PAdES + LTV (durable proof)

Embed RFC 3161 timestamps + OCSP/CRL for long-term verification

Acrobat-native validation

Works in Adobe Acrobat/Reader and other PAdES compliant readers; no plugin

Built for automation

CLI/API/Zapier, batch jobs, predictable exit codes and logs

DocMDP controls

Configurable permissions allow forms or annotations without breaking the seal

FieldMDP controls

Lock specific fields—including signature fields

Integrations & CLI

Get started with CLI

Installation & Setup
Download and configure the CLI
Start free demo

Pricing at-a-glance

Publisher - Trusted PDF Sealing is a monthly pay-as-you-go subscription with a transparent, usage-based sliding scale. See the Publisher estimator on our pricing page.

What’s included
  • Identity & keys: certificates/keys are issued and managed by Trusted Signatures (no BYO)
  • Custody: FIPS 140-3 Level 3 HSM custody, monitoring, renewals, incident response
  • Support: issuance, lifecycle, incident handling, and compliance guidance
See pricing

Want your organization name in the banner?

Want your organization name in the banner? Add Publisher Identity (AATL OrgID / EU Advanced OrgID) we manage validation and renewals.

Publisher Identity
---

Learn more about our security

Frequently Asked Questions

Is this an e-signature workflow tool?
No. Publisher seals PDFs; it’s not a signer routing platform. It adds security where you don’t need signatures or it works with Documenso to enhance your workflow.
Will recipients need to install anything?
No. Validation happens in Adobe Acrobat/Reader and other PAdES-compliant readers.
What does Acrobat/Reader show after sealing (blue certified ribbon)?
A blue “Certified by Trusted Signatures” banner with sealing organization’s details. If the PDF is changed in an unauthorized way, Acrobat marks it invalid on open. Use our free web validator to view this (no uploads) with any pdf. Need or want your organization to appear in the seal - add Publisher Identity.
PDF Validator
Can recipients fill forms or add comments without breaking the seal?
Yes. Configure DocMDP permissions to allow form fill-in and/or annotations while blocking content edits (e.g., --allow-forms, --allow-comments).
View Docs
Will sealed PDFs validate in Adobe Acrobat/Reader and downstream systems (PAdES + LTV)?
Yes. We embed ISO 32000 signatures with X.509 chains, RFC 3161 timestamps, and OCSP/CRL revocation data, so Acrobat/Reader validates out of the box.
Learn More
Do we have to upload files to Trusted Signatures to seal them?
No. Publisher seals in place via CLI/API—no uploads or portals. Your PDFs stay in your environment; sealing runs where your documents already live.
View Docs
How can we preview what sealed vs. unsealed looks like before buying?
Use the free web Validator to open a sample or your own PDF and see how Acrobat/Reader surfaces integrity status, the blue Certified banner, and any issues.
PDF Validator
How is pricing structured for Publisher and Identity?
Publisher (sealing) is a subscription with a transparent, usage-based sliding scale. Identity (OrgID)—AATL or EU Advanced—is an annual add-on.
Publisher Identity See Pricing
Where are the signing keys kept?
Keys are non-exportable and held in FIPS 140-3 Level 3 HSMs; all signing occurs inside the module. We handle monitoring, renewals, and incident response.
Learn More
Can we bring our own certificate? How do we show our organization as the signer?
We manage issuance and custody for security and lifecycle (no BYO). To display your organization as the signer in Acrobat, add Publisher — Identity (AATL or EU Advanced).
Publisher Identity

Trust & Standards

Publisher seals PDFs using Adobe-aligned standards (ISO 32000/PDF). Each sealed file can include an organizational X.509 certificate and chain, RFC 3161 trusted timestamp, and OCSP/CRL revocation data. By default this certificate is a Trusted Signatures OV certificate; timestamp and revocation embedding are optional (for LTV). You can set DocMDP permissions to allow specific post-seal changes (e.g., form-fill) without breaking certified status. Seals validate natively in Adobe Acrobat/Reader (blue “Certified” banner), and you can also check documents with our web Validator.

Technical Details for reviewers: PDF Model: ISO 32000 certification/approval signatures embedded directly in the PDF (PAdES-aligned); Acrobat/Reader validates without plug-ins. Change Controls: DocMDP/FieldMDP policies to permit form fill-ins and/or comments without breaking certified status. LTV: Embedded RFC 3161 timestamps plus OCSP/CRL data to preserve validity over time. Certificates: X.509/CMS containers with standard SubFilter values; interoperable with Adobe’s validation stack. Key custody: Private keys are non-exportable in FIPS 140-3 Level 3 HSMs.

Start Free Demo See Pricing