Docento.app Logo
Docento.app
Pen resting on a printed document
All Posts

Certified PDFs Explained: Document-Level Signatures and What They Allow

Security & PrivacySigning
May 13, 2026·8 min read

A regular signed PDF carries a signature on a specific form field. A certified PDF is signed at the document level, one signature that covers the entire file with strict rules about what modifications are allowed afterward. Certification is what publishers, regulators, and template authors use to say "this is the authoritative version, and these are the only changes allowed". This guide walks through what certification means, how it differs from a normal signature, and when to use it.

Signed vs certified: the practical difference

A signed PDF:

  • Has one or more signatures on form fields
  • The signature locks the file content at the time of signing
  • Any subsequent edit invalidates the signature
  • Multiple signatures can be added (counter-signing)
  • The signature is added by a signer on a signature field

A certified PDF:

  • Has a single document-level signature (the "certification signature")
  • Sets explicit rules about what modifications are allowed (none, form filling only, form filling and annotations only)
  • Modifications within the allowed scope keep the certification valid
  • Modifications outside the allowed scope invalidate it
  • The certification is added by the document's author or issuer, not by a downstream signer
  • A certified PDF can still receive additional signatures within the allowed modification scope

The mental model: a normal signature says "I, the signer, agree to this exact content." A certification says "I, the author, certify this document and these specific kinds of changes are allowed afterward."

The three permission levels of certification

When you certify a PDF, you choose one of three levels:

  1. No changes allowed. The file is locked. Form fields cannot be filled. Annotations cannot be added. Any modification invalidates the certification. Use this for read-only authoritative documents.

  2. Form filling allowed. Recipients can fill form fields; the certification stays valid. Useful for templates: tax forms, applications, contracts where the issuer certifies the template and recipients can fill in their information.

  3. Form filling and annotations allowed. Recipients can fill forms AND add comments, highlights, sticky notes. Useful for review workflows where the certified template is meant to be commented on.

Outside these allowed modifications, any change (content edit, page addition/removal, etc.) invalidates the certification.

When to certify vs sign

  • Certify when:

    • You are the document's author or authoritative issuer
    • You want recipients to do controlled things with the document (fill forms, add annotations)
    • You need legal weight equivalent to "this is the authentic version"
    • The document will go through multiple hands before final use

  • Sign when:

    • You are a downstream party agreeing to the content
    • You are not the original author
    • You want a signature on a specific commitment, not a document-level certification

Often both: the issuer certifies, recipients sign on signature fields within the allowed modifications.

Tools that certify PDFs

Adobe Acrobat Pro. Tools → Certificates → Certify (Visible Signature) or Certify (Invisible Signature). The dialog asks for your certificate and the certification level.

Adobe Sign / Acrobat Sign. For business workflows where certifications are part of a larger signing flow.

pyHanko, open-source Python library for PDF signing and certification. Production-grade.

**iText and PDFBox, Java libraries supporting certification.

pdfsig (poppler-utils), verifies signatures and certifications. Cannot create them. See poppler-utils introduction.

For one-offs, Acrobat Pro is the standard. For automated certification (e.g., a server generating certified invoices), pyHanko or iText is the right path.

Certificate requirements

To certify a PDF, you need a digital certificate. Options:

  • Self-signed. Free but only verifiable by recipients who explicitly trust you.
  • Adobe Approved Trust List (AATL). Certificates from CAs in Adobe's trust list verify automatically in Acrobat. Strong recommendation for any external workflow.
  • EU Trusted List (EUTL). Equivalent in the EU; certificates from EU-recognized providers verify under eIDAS.
  • Internal CA. If your organization runs its own certificate authority, recipients in your organization can verify; outsiders need to install your root cert.

For a "this is the authentic version" certification to mean anything externally, use an AATL or EUTL certificate.

Visible vs invisible certification

A certification signature can be:

  • Visible, appears as a signature graphic on a specific page (often page 1 or a designated location)
  • Invisible, exists in the file but does not appear visually

Visible certifications make the trust signal obvious. Invisible certifications keep the visual untouched. Most workflows prefer visible for legal documents and invisible for templates where the signature visual would clutter the layout.

Long-Term Validation (LTV)

A certificate has a validity period (typically 1-3 years). If you certify today and someone opens the PDF in 10 years, the cert may be expired. Long-Term Validation (LTV) addresses this by embedding:

  • The signing certificate
  • The full certificate chain to the root CA
  • Revocation status (CRL or OCSP response) at signing time
  • A timestamp from a trusted Time Stamping Authority (TSA)

With LTV, the signature remains verifiable indefinitely. Acrobat Pro and pyHanko support LTV; the option appears in the certification dialog.

For archival workflows, always enable LTV. See how to archive PDFs long-term.

Verifying a certified PDF

When a recipient opens a certified PDF:

  • Acrobat / Reader shows "Certified by [issuer]" in the signature panel
  • If the certificate is trusted (AATL, EUTL, or in the user's trust store), the certification is "valid"
  • If the certificate is not trusted, the certification is "valid but unknown issuer", the recipient must manually decide whether to trust
  • If the file has been modified outside the allowed scope, the certification is invalid

For verification programmatically:

pdfsig file.pdf

Returns the signatures and their status.

What modifications break certification

For a "no changes" certified PDF: any edit. Add a page, change a pixel, alter metadata, broken.

For a "form filling allowed" certified PDF:

  • Filling form fields: OK
  • Editing form field properties: BROKEN
  • Adding annotations: BROKEN
  • Changing pages: BROKEN

For a "form filling + annotations" certified PDF:

  • Filling fields and adding annotations: OK
  • Editing form field properties: BROKEN
  • Changing page content: BROKEN

The boundary is subtle. Acrobat and other readers enforce it; tools that "edit" the file may not realize they are breaking certification.

Common gotchas

Re-saving in a tool that does not preserve incremental updates. Re-saving a certified PDF in some tools collapses the file structure, which can invalidate the certification.

Wrong tool used for form fill. A tool that uses content-stream rewriting instead of proper form field updates breaks certification. Use Acrobat or other certification-aware tools for filling certified forms.

Adding bookmarks or hyperlinks. Modifications outside the allowed scope break certification.

Removing pages. Always breaks certification.

OCR after certification. Adding a text layer to a certified scanned PDF is a modification, breaks certification. OCR before certifying.

Encryption applied after certification. Adds an encryption header; breaks certification. Encrypt before certifying.

Multiple certifications. A PDF can have only one certification signature. Additional signatures must be regular signatures on signature fields.

Signature on a field certified as "no changes". Cannot add. If the workflow needs recipient signatures, certify with "form filling allowed".

Invalid certificate chain. If the certificate or any intermediate CA is not trusted by the recipient's reader, certification appears unverified. AATL / EUTL certificates solve this for major readers.

Specific workflows

Government forms. The agency certifies the blank form with "form filling allowed". Citizens fill out and submit. Certification proves the form is the authentic version; filling does not invalidate.

Corporate financial reports. Internal certification with "no changes" for archived versions. External distribution maintains the certification; any modification is visible.

Contract templates. Issuer certifies the template; counter-parties sign signature fields. Certification of the template stays valid as long as only signature fields are filled.

Regulatory submissions. Submitter certifies the submission package; regulators receive a certified, integrity-protected document.

Academic publishing. Publisher certifies the final PDF for distribution. Readers receive a certified copy that proves it has not been altered.

Relationship to PDF/A and archival

Certification and PDF/A are complementary. A certified PDF/A file is:

  • Authoritative (certified)
  • Archival (PDF/A-compliant)
  • Long-term verifiable (LTV-enabled)

This combination is the gold standard for documents that need to be preserved with integrity for decades. See how to archive PDFs long-term.

Practical recipe

For a "no changes" certification of a final document:

  1. Open the PDF in Acrobat Pro
  2. Sanitize / strip metadata
  3. Save as final
  4. Tools → Certificates → Certify (Visible Signature)
  5. Draw the signature appearance area on page 1
  6. Choose your AATL certificate
  7. Choose "No changes allowed"
  8. Enable Long-Term Validation
  9. Sign and save as a new file
  10. Verify in a second reader

For a "form filling allowed" certification of a template:

  1. Build the form template with all fields named and validated
  2. Test the form fills correctly
  3. Certify with "Form fill-in and digital signatures allowed"
  4. Distribute the template
  5. Recipients fill and sign without breaking certification

Takeaway

Certification turns a PDF into an authoritative, integrity-protected document with controlled modification rules. Use it when you are the issuer of a document and want the file to carry its own proof of authenticity. Pair with LTV for long-term verification, use AATL or EUTL certificates for broad reader trust, and choose the modification level that fits the workflow. For browser-based starting steps like stripping metadata or signing fields before certification, Docento.app handles them. For the related signing topics, see digital signatures vs electronic signatures, how to add a signature field to a PDF form, and how to detect tampered PDFs.

Related Posts

Signature on a contract

Digital Signature Internals in PDF

May 17, 2026

Person signing a paper document with a pen

How to Add a Signature Field to a PDF Form

May 7, 2026

Two people shaking hands in an office

How to Create an Electronic Signature in 5 Minutes

May 4, 2026