isimSoftware XML Signer (XAdES)
XML Signer (XAdES) main function is to sign XML documents using X.509 digital certificates. Using this product you can quickly sign multiple XML files (bulk sign) by selecting input and output directory. This is ideal for batch signing of large number of corporate XML documents rather than signing each one individually.
Personal License Price: 19$ – Click here to buy this software
XML Signer (XAdES) main function is to sign XML documents using X.509 digital certificates. Using this product you can quickly sign multiple XML files (bulk sign) by selecting input and output directory. This is ideal for batch signing of large number of corporate XML documents rather than signing each one individually.
XAdES signature format and SHA-256 algorithm is also supported.
XML Signer allows you to sign XML documents without any need to purchase additional software.
PKI Interoperability – XML Signer is completely PKI neutral and will work with PKI components from any vendor (this includes CAs, certificates, CRLs, smartcards, etc.).
Standard Compliance – XML Signer signatures are compatible with XAdES-BES and XMLDSig format.
Hash Algorithms – XML Signer can use SHA-1, SHA-256 and SHA-512 algorithms.
Benefits:
– Support for certificates issued on smart card, USB token, eToken, DSC
– Support for eIDAS digital certificates (EU Regulation 910/2014)
– SHA 256/512 support
– XAdES-BES standard
– XMLDSig standard
Requirements:
– A digital certificate (eIDAS qualified digital certificates are supported)
– Windows 7 or later (including Windows 11 and Windows Server 2022)
Licensing:
The license for XML Signer is a lifetime license. There is no additional cost like monthly / annual fees or fees per use. When a new version is released you can continue using your purchased version as usual.
XML Signer User Manual
Introduction
The main function of XML Signer is to sign XML files using X.509 digital certificates. With this
product you can quickly sign multiple XML files (bulk sign) by selecting input and output
directory. This is ideal for bulk signing of a large number of corporate documents rather than
signing each one individually.
Product Installation
We recommend to install the product using an Administrator account.
After the setup file is verified, the operating system might request your permission to install
this program.
Digital Certificates
Digital Certificate Location
To use XML Signer software, a digital certificate is needed. The digital certificates are stored
in two places:
– in Microsoft Store
– in PFX on P12 files
The certificates stored on Microsoft Store are available by opening Internet Explorer – Tools
menu – Internet Options – Content tab – Certificates button (see below).
To create digital signatures, the certificates stored on Personal tab are used. These
certificates have a public and a private key.
The digital signature is created by using the private key of the certificate. The private key can
be stored on the file system (imported PFX files), on a cryptographic smart card (like Aladdin
eToken or SafeNet iKey) or on a HSM (Hardware Security Module).
Another way to store a digital certificate is a PFX (or P12) file. This file contain the public and
the private key of the certificate. This file is protected by a password in order to keep safe the
key pair.
Note that a PFX/P12 file can be imported on Microsoft Store (just open the PFX/P12 file and
follow the wizard).
Certificates Stored on Smart Cards or USB Tokens
If your certificate is stored on a smart card or USB token (like Aladdin eToken), the certificate
must appear on Microsoft Certificate Store in order to be used by the library.
If the certificate not appears on Microsoft Store, you must ask your vendor about how to
import the certificate on the MS Store. Usually, the smart card driver or the middleware
automatically install the certificate on Microsoft Certificate Store.
You should also look at the middleware options, like below:
Select the Digital Certificate for Creating Signatures
To digitally sign a document, a digital certificate must be selected from Digital Certificates
section. The digital certificate used to create the digital signature can be stored on Microsoft
Store or a PFX file.
Create a Test Digital Certificate
If no certificates are available on the computer, a test certificate can be created from Create a
Digital Certificate section.
This certificate can be set as the default digital certificate used for creating signatures.
Batch Signatures (Automatically Made Without User Intervention) By default, XML Signer is installed on this location: C:\Program Files\isimSoftware\XML Signer\XML Signer.exe. The command line parameters are: XML Signer.exe [] To automatically sign a file, use the following command: c:\Program Files\isimSoftware\XML Signer>”XML Signer.exe” c:\TestFile.xmlc:\TestFile[signed.xml] To automatically sign a folder that contains files, use the following command: c:\Program Files\isimSoftware\XML Signer>”XML Signer.exe” c:\InputFolder c:\OutputFolder Custom Configuration In some cases, you will need a different signature configuration (e.g. different signature appearance and digital certificates) for different files/folders. To save a specific configuration, go to File – Save Configuration As and save the configuration on a file. Later, you can use that file in batch mode to apply different signature configuration on your signed file.
To automatically sign a folder that contains files, using a custom configuration, use the
following command:
“XML Signer.exe” c:\InputFolder c:\OutputFolder c:\config-client2.xml
Digitally Sign XML Files Using Windows PowerShell
To digitally sign an XML file using Windows PowerShell, simply download the library above and inspect Signature Library\PowerShell Scripts folder. The Windows PowerShell script will look below: #digitally sign a file file using a PFX certificate created on the fly #the script can be configured to use an existing PFX file or a certificate loaded from Microsoft Store (smart card certificate) if ($args.Length -eq 0) { echo “Usage: signXmlDocument.ps1 ” } else { $DllPath = ‘d:\SignLib.dll’ [System.Reflection.Assembly]::LoadFrom($DllPath) #create a PFX digital certificate $generator = new-object -typeName SignLib.Certificates.X509CertificateGenerator(“serial number”) $pFXFilePassword = “tempP@ssword” $generator.Subject = “CN=Your Certificate, E=useremail@email.com, O=Organzation” $generator.Extensions.AddKeyUsage([SignLib.Certificates.CertificateKeyUsage]::DigitalSig nature) $generator.Extensions.AddEnhancedKeyUsage([SignLib.Certificates.CertificateEnhancedKeyUs age]::DocumentSigning) echo “Create the certificate…” $certificate = $generator.GenerateCertificate($pFXFilePassword) #digitally sign the file in CAdES format $sign = new-object -typeName SignLib.XmlSignature(“serial number”) $sign.DigitalSignatureCertificate = [SignLib.Certificates.DigitalCertificate]::LoadCertificate($certificate, $pFXFilePassword) echo “Perform the digital signature…” $sign.ApplyDigitalSignature($args[0], $args[1]) } How to run the Windows PowerShell script from command line: powershell -executionPolicy bypass -file d:\signOfficeDocument.ps1 d:\test.xml d:\test[signed].xml