A desktop module that runs in the background and allows a browser to digitally sign a PDF file uploaded by the user, using her own certificates installed in the Windows Certificates Store.

• Use any locally installed certificate (digital or hardware tokens) to sign pdf files uploaded with the browser.
• Sends only hashes for signing, instead of complete files, to boost performance and protect PDFs from traveling between endpoints.
• Signed files are automatically downloaded from the web page.

The solution is made up of 3 projects:

• The windows application desktop module (WinForms)
• The web application: handles file uploads and performs the signature preparation (hash calculation) and completion (embedding the signed hash into the prepared file).
• An installer project to generate the module setup (and .msi installer)

The desktop module solution uses the following software stack:

• Visual Studio 2022 - For building the complete solution
• Syncfusion PDF .Net Core - Syncfusion.Pdf.Net.Core for preparing the PDF files for external signatures
• Wix toolset - For building the .msi installer
• OpenSSL - Optionally, if you want to rebuild the SSL certificates.

Build the solution in release mode and run the generated .msi installer.

The setup package installs the desktop module and configures it to autorun after the Windows login.

The setup also installs a couple of certificates needed for SSL communication between the desktop module and the page from the web project.

After the module is installed and running, launch the web project, upload a PDF and click the "Sign file" button. Select a certificate from the list and that's it, wait for the signed PDF file is prepared for downloading.

There's a blog post detailing all the stuff about this project, from its internal workings to the build and installation procedures. You can find it at https://www.alexgaio.com/post/signing-pdf-files-from-a-web-application

MIT