{ "mode": "man", "parameter": "pdfsig", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfsig/1/json", "generated": "2026-06-03T03:33:52Z", "synopsis": "pdfsig [options] [PDF-file] [Output-file]", "sections": { "NAME": { "content": "pdfsig - Portable Document Format (PDF) digital signatures tool\n", "subsections": [] }, "SYNOPSIS": { "content": "pdfsig [options] [PDF-file] [Output-file]\n", "subsections": [] }, "DESCRIPTION": { "content": "pdfsig verifies the digital signatures in a PDF document. It also displays the identity of\neach signer (commonName field and full distinguished name of the signer certificate), the\ntime and date of the signature, the hash algorithm used for signing, the type of the signa‐\nture as stated in the PDF and the signed ranges with a statement wether the total document is\nsigned. It can also sign PDF documents (options -add-signature or -sign).\n\npdfsig uses the trusted certificates stored in the Network Security Services (NSS) Database.\n\npdfsig also uses the Online Certificate Status Protocol (OCSP) (refer to\nhttp://en.wikipedia.org/wiki/OnlineCertificateStatusProtocol) to look up the certificate\nonline and check if it has been revoked (unless -no-ocsp has been specified).\n\nThe NSS Database is searched for in the following locations:\n\n• If the -nssdir option is specified, the directory specified by this option.\n\n• The NSS Certificate database in the default Firefox profile. i.e. $HOME/.mozilla/fire‐\nfox/*.default.\n\n• The NSS Certificate database in /etc/pki/nssdb.\n", "subsections": [] }, "OPTIONS": { "content": "", "subsections": [ { "name": "-nssdir [prefix]directory", "content": "Specify the database directory containing the certificate and key database files. See\ncertutil(1) -d option for details of the prefix. If not specified the other search lo‐\ncations described in DESCRIPTION are used.\n" }, { "name": "-nss-pwd password", "content": "Specify the password needed to access the NSS database (if any).\n" }, { "name": "-nocert", "content": "Do not validate the certificate.\n" }, { "name": "-no-ocsp", "content": "Do not perform online OCSP certificate revocation check (local Certificate Revocation\nLists (CRL) are still used).\n" }, { "name": "-aia", "content": "tificates to build the certificate chain.\n" }, { "name": "-dump", "content": "" }, { "name": "-add-signature", "content": "Add a new signature to the document.\n" }, { "name": "-new-signature-field-name name", "content": "Specifies the field name to be used when adding a new signature. A random ID will be\nused by default.\n" }, { "name": "-sign n", "content": "Sign the document in the n-th signature field present in the document (must be un‐\nsigned).\n" }, { "name": "-nick nickname", "content": "Use the certificate with the given nickname for signing.\n" }, { "name": "-kpw password", "content": "Use the given password for the signing key (this might be missing if the key isn't\npassword protected).\n" }, { "name": "-digest algorithm", "content": "Use the given digest algorithm for signing (default: SHA256).\n" }, { "name": "-reason reason", "content": "Set the given reason string for the signature (default: no reason set).\n" }, { "name": "-etsi", "content": "" }, { "name": "-list-nicks", "content": "List available nicknames in the NSS database.\n" }, { "name": "-v", "content": "", "flag": "-v" }, { "name": "-h -help --help", "content": "", "flag": "-h", "long": "--help" } ] }, "EXAMPLES": { "content": "pdfsig signedfile.pdf\nDisplays signature info for signedfile.pdf.\n\npdfsig input.pdf output.pdf -add-signature -nss-pwd password -nick my-cert -reason 'for fun!'\nCreates a new pdf named output.pdf with the contents of input.pdf signed by the 'my-\ncert' certificate.\n\npdfsig input.pdf output.pdf -sign 0 -nss-pwd password -nick my-cert -reason 'for fun!'\nCreates a new pdf named output.pdf with the contents of input.pdf signed by the 'my-\ncert' certificate. input.pdf must have an already existing un-signed signature field.\n", "subsections": [] }, "AUTHOR": { "content": "The pdfsig software and documentation are copyright 1996-2004 Glyph & Cog, LLC and copyright\n2005-2015 The Poppler Developers - http://poppler.freedesktop.org\n", "subsections": [] }, "SEE ALSO": { "content": "pdfdetach(1), pdffonts(1), pdfimages(1), pdfinfo(1), pdftocairo(1), pdftohtml(1),\npdftoppm(1), pdftops(1), pdftotext(1) pdfseparate(1), pdfunite(1) certutil(1)\n\n\n\n28 October 2015 pdfsig(1)", "subsections": [] } }, "summary": "pdfsig - Portable Document Format (PDF) digital signatures tool", "flags": [ { "flag": "", "long": null, "arg": null, "description": "Specify the database directory containing the certificate and key database files. See certutil(1) -d option for details of the prefix. If not specified the other search lo‐ cations described in DESCRIPTION are used." }, { "flag": "", "long": null, "arg": null, "description": "Specify the password needed to access the NSS database (if any)." }, { "flag": "", "long": null, "arg": null, "description": "Do not validate the certificate." }, { "flag": "", "long": null, "arg": null, "description": "Do not perform online OCSP certificate revocation check (local Certificate Revocation Lists (CRL) are still used)." }, { "flag": "", "long": null, "arg": null, "description": "tificates to build the certificate chain." }, { "flag": "", "long": null, "arg": null, "description": "" }, { "flag": "", "long": null, "arg": null, "description": "Add a new signature to the document." }, { "flag": "", "long": null, "arg": null, "description": "Specifies the field name to be used when adding a new signature. A random ID will be used by default." }, { "flag": "", "long": null, "arg": null, "description": "Sign the document in the n-th signature field present in the document (must be un‐ signed)." }, { "flag": "", "long": null, "arg": null, "description": "Use the certificate with the given nickname for signing." }, { "flag": "", "long": null, "arg": null, "description": "Use the given password for the signing key (this might be missing if the key isn't password protected)." }, { "flag": "", "long": null, "arg": null, "description": "Use the given digest algorithm for signing (default: SHA256)." }, { "flag": "", "long": null, "arg": null, "description": "Set the given reason string for the signature (default: no reason set)." }, { "flag": "", "long": null, "arg": null, "description": "" }, { "flag": "", "long": null, "arg": null, "description": "List available nicknames in the NSS database." }, { "flag": "-v", "long": null, "arg": null, "description": "" }, { "flag": "-h", "long": "--help", "arg": null, "description": "" } ], "examples": [ "pdfsig signedfile.pdf", "Displays signature info for signedfile.pdf.", "pdfsig input.pdf output.pdf -add-signature -nss-pwd password -nick my-cert -reason 'for fun!'", "Creates a new pdf named output.pdf with the contents of input.pdf signed by the 'my-", "cert' certificate.", "pdfsig input.pdf output.pdf -sign 0 -nss-pwd password -nick my-cert -reason 'for fun!'", "Creates a new pdf named output.pdf with the contents of input.pdf signed by the 'my-", "cert' certificate. input.pdf must have an already existing un-signed signature field." ], "see_also": [ { "name": "pdfdetach", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfdetach/1/json" }, { "name": "pdffonts", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdffonts/1/json" }, { "name": "pdfimages", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfimages/1/json" }, { "name": "pdfinfo", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfinfo/1/json" }, { "name": "pdftocairo", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdftocairo/1/json" }, { "name": "pdftohtml", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdftohtml/1/json" }, { "name": "pdftoppm", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdftoppm/1/json" }, { "name": "pdftops", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdftops/1/json" }, { "name": "pdftotext", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdftotext/1/json" }, { "name": "pdfseparate", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfseparate/1/json" }, { "name": "pdfunite", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/pdfunite/1/json" }, { "name": "certutil", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/certutil/1/json" } ] }