Managing Self-Signed Digital IDs

Before you can digitally sign or certify a document, you need a digital ID in Revu. If you don't have one already installed on your computer, you can purchase one from a trusted Certificate Authority (consult the documentation that accompanies it to install the digital ID; Revu will automatically detect digital IDs installed in eTokens, USB dongles, or in your Windows Certificate Store) or you can create one in Revu (also known as "self-signed"). You will only need to do this once.

This page discusses the creation and management of self-signed digital IDs. If you purchase a digital ID from a third-part Certificate Authority, you should not need to create a digital ID in Revu. If you are uncertain whether you should use a self-signed digital ID or one purchased from a third-party Certificate Authority, there is a discussion of the merits of both options in the Digital Signatures Tutorial.

If you already have a PKCS #12 self-signed digital ID on your computer and wish to use it in Revu as well, you can import it instead of creating another one.

After creating your self-signed digital ID, you will need to export your public certificate so you can send it to recipients of your signed and/or certified documents.

In addition to creating a self-signed digital ID, this page discusses questions like how to change the password for one or how to delete them. Information about controlling the appearance of the signature on documents is elsewhere; see Customizing the Appearance of a Digital Signature.

ClosedCreating a Self-Signed Digital ID

Generally speaking, self-signed digital IDs are sufficient for personal use and small-to-medium businesses, though it is recommended that their use be limited to parties that are already known to each other and have established a measure of mutual trust. When using a self-signed digital ID, you are essentially vouching for yourself.

Before somebody can recognize your self-signed digital ID, you must export your public certificate and send it to them, at which point they will need to install it. If somebody has sent you a public certificate and you wish add them to your Trusted Identities Store, you will need to import their public certificate.

To create a new, self-signed digital ID:

  1. Go to Tools > Signatures > Digital IDs. The Manage Digital IDs dialog box appears.

  2. Click Add Digital ID. The New Digital ID dialog box appears.

  3. Select one of the available Create Digital ID options:
    • Create Digital ID file: Creates a digital ID in the PKCS #12 format. It is protected by a separate password that is defined at the time of creation.
    • Create Digital ID in Windows Certificate Store: Creates a digital ID in the Windows Certificate Store. It is protected by the user's Windows login.

    Note: Since it relies on a user's Windows login credentials, Windows Certificate Store is not recommended for environments with shared login credentials. Additionally, the Windows Certificate Store is Windows-only while PKCS #12 is compatible with both Windows and Mac OS.

  4. Enter the Identity information, as desired.
    • Name and E-mail Address are required fields.

  5. If Create Digital ID file was selected, enter and confirm a Password under PKCS #12 Options. This password will be used to confirm the user as the signer of a document, so use a sufficiently secure password.

    Caution: Keep your password in a secure place. By design, passwords for these types of digital IDs cannot be retrieved or reset if lost. In the event that you lose your password, you will need to create a new digital ID.

  6. Click OK.

The new digital ID now appears in the Manage Digital IDs dialog box. See Customizing the Appearance of a Digital Signature for more information about controlling the appearance of the signature on documents.

ClosedChanging the Password for a Self-Signed Digital ID

You can change the password for a self-signed, PKCS #12 digital ID file from the Manage Digital IDs dialog box. Since digital IDs stored in the Windows Certificate Store are linked to your Windows login credentials, their passwords change when those credentials change; they cannot be changed here.

To change the password for a self-signed digital ID:

  1. Go to Tools > Signatures > Digital IDs. The Manage Digital IDs dialog box appears.

  2. Right-click the desired PKCS #12 digital ID and select Change Password from the menu that appears.

  3. The Change Password dialog box appears. Enter the old password in the Old Password field then the new one in the New and Confirm fields.

  4. Click OK to complete the password change.

    Note: Changing the password of a digital ID will automatically log you in under that ID. If that is not desired, you can right-click the ID and select Logout to log out of the ID.

ClosedDeleting Self-Signed Digital IDs

Self-signed Digital IDs that were created in Revu can be deleted from within Revu. You should only delete a digital ID when you are sure you have no further need of it.

To delete a self-signed digital ID:

  1. Go to Tools > Signatures > Digital IDs. The Manage Digital IDs dialog box appears.

  2. Select the digital ID you wish to delete. Check the Identity details to confirm that it is the desired digital ID.
  3. Click the Delete Digital ID button. You may be prompted to confirm that you wish to delete the digital ID.
    • Digital IDs in the Windows Certificate Store that were not created in Revu cannot be deleted from within Revu and the Delete Digital ID button will not be available for them. These digital IDs should be deleted from the Windows Certificate Store.
  4. If the digital ID being deleted is a PKCS #12 digital ID file, you will be prompted for its password. Enter the password and click OK to complete the deletion.
    • In the event that you have lost the password, you can delete the digital ID file manually. Navigate to its location as shown in the Location column of the dialog box (if the path is too long to view completely, hover the mouse cursor over it to show the full location) in Windows Explorer and delete it from that folder. Afterward, return to Revu and repeat this procedure to remove it from Revu.

Related topics

Importing a Digital ID

Exporting a Trusted Identity Certificate

Importing a Trusted Identity Certificate

Working with Digital Signatures

Controlling a Signature Appearance

Digital Signatures Tutorial