Multiple signing issue. Only last sign is valid

Hello! I choose between different library to work with pdf and i wanna choose Aspose, but cannot find solution for sign document multiple times. I saw different topics at forum, but no worked solution.
Have been tried different version: 17.2.0 \ 17.6.0 \ 17.12.0 \ 21.7.0 \ 25.6.1 \ 25.7.0 result same = not worked.
Example code for reproduce:
public static void SignPdfWithCertificate(string inputFile, string outputFile, string certPath, string certPass, int startY)
{
using var pdfDocument = new Aspose.Pdf.Document(inputFile);
using var signature = new Aspose.Pdf.Facades.PdfFileSignature(pdfDocument);

        var pkcs = new Aspose.Pdf.Forms.PKCS7(certPath, certPass); // Use PKCS7/PKCS7Detached objects

        signature.Sign(1, true, new System.Drawing.Rectangle(100, startY, 400, 200), pkcs);
        signature.Save((string)outputFile);
        signature.Close();
    }   
    
    public static void secondSign(string inputFile, string outputFile, string certPath, string certPass, int startY)
    {
        var pdFileSignature = new Aspose.Pdf.Facades.PdfFileSignature();
        pdFileSignature.BindPdf(inputFile);

        // Create a rectangle for 2nd signature location
        System.Drawing.Rectangle rect2 = new System.Drawing.Rectangle(10, 10, 300, 50);

        // Create 2nd signature object
        var signature2 = new Aspose.Pdf.Forms.PKCS1(certPath, certPass); // PKCS#1

        pdFileSignature.Sign(2, "I'm document reviewer", "test02@aspose-pdf-demo.local", "Aspose Pdf Demo, Australia", true, rect2, signature2);

        // Save PDF document
        pdFileSignature.Save(outputFile);
        pdFileSignature.Close();
    }

@vbest_devops

Cause

The issue you’re encountering, where only the last signature is valid, is likely due to the way signatures are being applied to the PDF document. When signing a PDF multiple times, it’s essential to ensure that each signature is applied correctly and that the document is saved incrementally to preserve previous signatures.

Solution

To successfully sign a PDF multiple times, you should use the SaveIncrementally method after each signing operation. This method allows you to append new signatures without overwriting the existing ones.

Here’s how you can modify your code to achieve this:

Code

public static void SignPdfWithCertificate(string inputFile, string outputFile, string certPath, string certPass, int startY)
{
    using var pdfDocument = new Aspose.Pdf.Document(inputFile);
    using var signature = new Aspose.Pdf.Facades.PdfFileSignature(pdfDocument);

    var pkcs = new Aspose.Pdf.Forms.PKCS7(certPath, certPass);
    signature.Sign(1, true, new System.Drawing.Rectangle(100, startY, 400, 200), pkcs);
    
    // Save incrementally after the first signature
    signature.SaveIncrementally(outputFile);
}

public static void SecondSign(string inputFile, string outputFile, string certPath, string certPass, int startY)
{
    using var pdFileSignature = new Aspose.Pdf.Facades.PdfFileSignature();
    pdFileSignature.BindPdf(inputFile);

    // Create a rectangle for the second signature location
    System.Drawing.Rectangle rect2 = new System.Drawing.Rectangle(10, 10, 300, 50);
    var signature2 = new Aspose.Pdf.Forms.PKCS1(certPath, certPass);

    // Sign the document
    pdFileSignature.Sign(2, "I'm document reviewer", "test02@aspose-pdf-demo.local", "Aspose Pdf Demo, Australia", true, rect2, signature2);
    
    // Save incrementally after the second signature
    pdFileSignature.SaveIncrementally(outputFile);
}

Next Steps

1. Ensure that you are using the latest version of Aspose.PDF, as improvements and bug fixes are regularly released.
2. Test the modified code to confirm that both signatures are valid and preserved in the output PDF.
3. If you continue to experience issues, check the signature validation process to ensure that both signatures are being recognized correctly.

Please implement these changes and let me know if you need further assistance!

this method does not exist in version 25.7.0

@vbest_devops

Could you please confirm the output behavior when signing a PDF with multiple signatures? Specifically, do you observe that only one signature appears as valid while the others are marked as invalid or unverified?

I prepared examples and found that the problem apparently lies somewhere in the main algorithms, because signing a file generated with Aspose by another library resulted in the signatures being listed as invalid.
Signing a file with Aspose and generated by it also results in invalid signatures.
Signatures are checked in Adobe Acrobat Reader DC.
A file generated and signed by other libraries passes the check.
Two or more signatures are placed everywhere.

Aspose generate and sign example (69,2 КБ)
Another library generate and sign example (40,4 КБ)

        public static void Generate(string folderPath, string fileName, string? imagePath = null)
        {
            var doc = new Document();
            var page = doc.Pages.Add();

            var table = new Table();
            table.ColumnWidths = "100 100 100";

            // Первый уровень заголовка (объединённая ячейка)
            var headerRow1 = table.Rows.Add();
            var topHeader = headerRow1.Cells.Add("Общий заголовок");
            topHeader.ColSpan = 3;

            // Второй уровень заголовка
            var headerRow2 = table.Rows.Add();
            headerRow2.Cells.Add("ID");
            headerRow2.Cells.Add("Имя");
            headerRow2.Cells.Add("Значение");

            // Данные
            var row = table.Rows.Add();
            row.Cells.Add("1");
            row.Cells.Add("Тест");
            row.Cells.Add("123");

            page.Paragraphs.Add(table);

            if (!string.IsNullOrEmpty(imagePath))
            {
                // Добавление изображения
                var image = new Aspose.Pdf.Image
                {
                    File = imagePath
                };
                page.Paragraphs.Add(image);
            }

            doc.Save(Path.Combine(folderPath, $"{fileName}_Aspose.pdf"));
        }

        public static void SignPdfWithCertificate(string inputFile, string outputFile, string certPath, string certPass, int startY)
        {
            using var pdfDocument = new Aspose.Pdf.Document(inputFile);
            using var signature = new Aspose.Pdf.Facades.PdfFileSignature(pdfDocument);

            var pkcs = new Aspose.Pdf.Forms.PKCS7(certPath, certPass); // Use PKCS7/PKCS7Detached objects

            signature.Sign(1, true, new System.Drawing.Rectangle(100, startY, 400, 200), pkcs);
            signature.Save((string)outputFile);
            signature.Close();
        }

Above, I provided an example for perception.
Also screenshots of invalid and valid results.

@vbest_devops

We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.

Issue ID(s): PDFNET-60335

You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.

Unfortunately, I can’t find any information about the trial license. Maybe if I have a license, the message “that this is a trial version” won’t be generated and the signing will work correctly in it? Could you check this? Or does the code I provided reproduce the error even with a license?

@vbest_devops

You can obtain a temporary license by visiting this link. We created this ticket due to similar reports we’ve received in the past, as the issue requires further investigation. In some cases, it may be related to specific PDF structures. Rest assured, we will notify you as soon as we have updates regarding the ticket resolution.

We sincerely apologize for any inconvenience caused and appreciate your patience.

Hi,

I have the same issue. I work with 25.12 version and got a license.
pdFileSignature.SaveIncrementally doesn’t exist.

Have you been able to solve the issue?

Thank you.

@ravendfj

The ticket has already been logged for an investigation and as soon as it is resolved, we will update here. The mentioned method was mistakenly suggested by the AI. Please feel free to disregard it. We apologize for the confusion and inconvenience.