Login

Countersignature or second signature? A practical guide for PAdES/XAdES

With PDF (PAdES), you will usually add a second signature, but with XAdES/CAdES sometimes a countersign is better. See how to choose the right variant, how to set up proCertum SmartSign (Certum Mini / SimplySign) and how to add a timestamp to preserve LTV.
Countersignature in a qualified signature - what it is, when it is useful and how to do it in proCertum SmartSign

Countersignature in a qualified signature - what it is, when it is useful and how to do it in proCertum SmartSign (Certum Mini / SimplySign)

In brief: countersignature is a signature affixed on an already existing signature. It is not a simple "second signature to a document" (co-signature), but a confirmation of someone else's signature - e.g., when a supervisor, legal counsel or CFO formally approves the signature of an employee or board member.

In corporate circulation, a simple co-signature under the document, but where the procedure requires "signature on signature," you use a countersignature.

When does countersignature make sense?

  • Acceptance of someone else's signature (compliance, audit): you acknowledge a specific signature action by a person.
  • Formal and legal control: the lawyer/finance officer (CFO) countersigns the director's signature on a key document.
  • Internal Policies: when the instructions say "validate X's signature," not "sign the document together with X."

     

If the Articles of Incorporation simply speak of joint representation (two signatures), the PDF (PAdES) usually uses a second independent signature. Countersignature is sometimes the natural choice when XAdES/CAdES(external signatures) and specific confirmation procedures.

Certum Mini or SimplySign? Both work

  • Certum Mini (card + USB reader): allows you to sign offline (without the Internet) - useful in environments with a higher security regime.
  • SimplySign (mobile/cloud signature): convenience and speed, works online (along with SimplySign Desktop on your computer).

proCertum SmartSign supports both solutions - you can countersign whether you use a card (Certum Mini) or a mobile signature (SimplySign).

 

How to make a countersignature in proCertum SmartSign - step by step

The diagram below follows the official instructions Certum.

  1. Prepare your tools

     

    • Insert card Certum Mini or log in to SimplySign Desktop.
    • Make sure you have an up-to-date proCertum SmartSign (check the version on the home screen; download the latest one from the Certum website).
Countersignature or second signature? A practical guide for PAdES/XAdES
2. determine the type of previous signature
    • If the document has external signature (a separate signature file) - go straight to the signing stage.
    • If the document has internal signature (content and signature in one file), use the option "Save content", to extract the signed content - if the button is active.

 

3. initiate countersignature
    • In SmartSign, go to SigningAdd fileSign.
    • Select your certificate (from your card or SimplySign).
    • The program detects that the document was already signed and will ask for an action - select "Countersign"..
    • Point to the specific signature, which you want to countersign, enter the PIN and confirm. After a while you will see a success message.
Countersignature or second signature? A practical guide for PAdES/XAdES

Practical note: in PDF (PAdES) business you usually use a second signature under the document (co-signature), because it is more readable in the signature panel.

Counter-signature is more often used in XAdES/CAdES (external signatures).

Countersignature or second signature? A practical guide for PAdES/XAdES

Countersignature vs. timestamping and archiving - what to do to make a document "survive" years

Qualified signature in itself does not guarantee perpetual verifiability. The certificate will expire (usually after 1-3 years), and verification sources are not maintained indefinitely. Therefore, for a long retention period, a key qualified timestamp. It is he who confirms, that specific document existed at a given time and has not been altered - even when the signer's certificate has already expired.

How to put it together in practice (according to our "offline" guide)

Our guide here

  • Rule 1: Add a qualified timestamp to every valid document. In SimplySign and Certum Mini, you can either attach it automatically during the signature or add it later (when you have access to the Internet).
  • Rule 2: "Just adding" a tag to a finished file does not exist - technically you add another signature containing the timestamp, or (for an external signature) you replace the existing signature with a version with a timestamp or you add a countersignature with a marker.
  • Rule 3: Archive locally (offline) According to the procedure: format PDF/PAdES as the default "on the shelf", store external files (XAdES/CAdES) together with the signature file, keep metadata (signature, date, type, hash) and backups.

Best practices from the experience of podpisano.pl

  1. Verify before countersigning. In SmartSign, you have the ability to verify signatures "in view" - before you add another layer, verify that the earlier one is correct.
  2. Always include a time stamp on documents that are expected to live longer than the certificate. This is the easiest way to LTV (long-term validation).
  3. Offline/online without conflicts. Certum Mini: you can sign offline, and add the tag later as another signature or countersign (for an external signature). SimplySign: works online - you attach the marker "on the spot".
  4. Readability for the viewer. In PDFs, usually choose the second signature (co-signature) - the recipient sees "two signers." A countersignature makes sense when you want to clearly show the approval of someone else's signature (e.g., formal compliance).
  5. Settings in SmartSign under control. In Settings → Signature, you can indicate the type(internal/external), set PAdES for the PDF and display the reason for the signature - it's worth setting this up once, according to company policy.

FAQ

Does the countersignature require another certificate?

No. You use the same qualified certificate - on the Certum Mini or on SimplySign. SmartSign itself will recognize the previous signature and offer the action "Countersign"..

Is it necessary to do a countersignature in PDF (PAdES)?

In business practice - rarely. Most often you add second signature under the document (co-signature). Countersignature is more common in XAdES/CAdES (external signature) and where policies require confirmation of a of a particular signature.

How to add a time stamp after signing?

For signature internal (e.g. PAdES) - you add another signature with a timestamp.
 For external (XAdES/CAdES) - you can replace signature with a timestamped version, add another signature with a marker or countersign containing the marker. Podpisano.pl

Is it possible to sign and archive "fully offline"?

Yes - the very signature you can submit offline (Certum Mini + SmartSign). The time stamp requires an Internet connection - you can add it later, as another operation. Podpisano.pl

SimplySign and Certum Mini qualified signatures

If you have any concerns or questions, please contact us

+48 22 417 05 55

We will answer your questions, find a date that suits you and an advisor in Gdansk, Gdynia, Krakow, Warsaw or Wroclaw.

You can also write an email from us [email protected]. 

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Check also:

  • Qualified stamps

How do I access KSeF? ZAW-FA vs. Seal

  • Qualified Stamps, Qualified Signatures

Authentication in KSeF: ZAW-FA or a Qualified Seal? Which one should you choose to start with?

  • Qualified stamps

Registering with KSeF using a qualified digital certificate – Your ticket to skip the lines

  • Qualified Stamps, Qualified Signatures

KSeF in sole proprietorships and small companies: qualified signature, stamp, and invoice automation

See all

Do you need help?

Info
Learn more Add to cart
Info
Learn more Add to cart

Find what you're looking for