Excel Digital Signature
With the following example you will learn how to create a digitally signed Excel file in C# and VB.NET with the GemBox.Spreadsheet component.
using GemBox.Spreadsheet;
class Program
{
static void Main()
{
// If using the Professional version, put your serial key below.
SpreadsheetInfo.SetLicense("FREE-LIMITED-KEY");
var workbook = ExcelFile.Load("%InputFileName%");
var saveOptions = new XlsxSaveOptions();
saveOptions.DigitalSignatures.Add(new XlsxDigitalSignatureSaveOptions()
{
CertificatePath = "%InputDigitalId%",
CertificatePassword = "GemBoxPassword"
});
workbook.Save("XLSX Digital Signature.xlsx", saveOptions);
}
}
Imports GemBox.Spreadsheet
Module Program
Sub Main()
' If using the Professional version, put your serial key below.
SpreadsheetInfo.SetLicense("FREE-LIMITED-KEY")
Dim workbook = ExcelFile.Load("%InputFileName%")
Dim saveOptions As New XlsxSaveOptions()
saveOptions.DigitalSignatures.Add(New XlsxDigitalSignatureSaveOptions() With
{
.CertificatePath = "%InputDigitalId%",
.CertificatePassword = "GemBoxPassword"
})
workbook.Save("XLSX Digital Signature.xlsx", saveOptions)
End Sub
End Module
To get a valid signature in MS Excel, as seen in the screenshot above, you will have to install GemBoxCA.crt certificate as a trusted root certification authority and install either GemBoxRSA.crt or GemBoxECDsa.crt certificate as an Intermediate Certification Authority, as described in the Digital ID notes.
To avoid installing the whole certificate chain, you can embed certificates in the signature. With this approach only the root certificate (GemBoxCA.crt) needs to be installed.
The following example shows how to add multiple signatures, set additional signature properties, and embed an intermediate certificate.
using GemBox.Spreadsheet;
using GemBox.Spreadsheet.Security;
class Program
{
static void Main()
{
// If using the Professional version, put your serial key below.
SpreadsheetInfo.SetLicense("FREE-LIMITED-KEY");
var workbook = ExcelFile.Load("%InputFileName%");
var signature1 = new XlsxDigitalSignatureSaveOptions()
{
CertificatePath = "%#GemBoxECDsa521.pfx%",
CertificatePassword = "GemBoxPassword",
CommitmentType = DigitalSignatureCommitmentType.Created,
SignerRole = "Developer"
};
// Embed intermediate certificate.
signature1.Certificates.Add(new Certificate("%#GemBoxECDsa.crt%"));
var signature2 = new XlsxDigitalSignatureSaveOptions()
{
CertificatePath = "%#GemBoxRSA4096.pfx%",
CertificatePassword = "GemBoxPassword",
CommitmentType = DigitalSignatureCommitmentType.Approved,
SignerRole = "Manager"
};
// Embed intermediate certificate.
signature2.Certificates.Add(new Certificate("%#GemBoxRSA.crt%"));
var saveOptions = new XlsxSaveOptions();
saveOptions.DigitalSignatures.Add(signature1);
saveOptions.DigitalSignatures.Add(signature2);
workbook.Save("XLSX Digital Signatures.xlsx", saveOptions);
}
}
Imports GemBox.Spreadsheet
Imports GemBox.Spreadsheet.Security
Module Program
Sub Main()
' If using the Professional version, put your serial key below.
SpreadsheetInfo.SetLicense("FREE-LIMITED-KEY")
Dim workbook = ExcelFile.Load("%InputFileName%")
Dim signature1 As New XlsxDigitalSignatureSaveOptions() With
{
.CertificatePath = "%#GemBoxECDsa521.pfx%",
.CertificatePassword = "GemBoxPassword",
.CommitmentType = DigitalSignatureCommitmentType.Created,
.SignerRole = "Developer"
}
' Embed intermediate certificate.
signature1.Certificates.Add(New Certificate("%#GemBoxECDsa.crt%"))
Dim signature2 As New XlsxDigitalSignatureSaveOptions() With
{
.CertificatePath = "%#GemBoxRSA4096.pfx%",
.CertificatePassword = "GemBoxPassword",
.CommitmentType = DigitalSignatureCommitmentType.Approved,
.SignerRole = "Manager"
}
' Embed intermediate certificate.
signature2.Certificates.Add(New Certificate("%#GemBoxRSA.crt%"))
Dim saveOptions As New XlsxSaveOptions()
saveOptions.DigitalSignatures.Add(signature1)
saveOptions.DigitalSignatures.Add(signature2)
workbook.Save("XLSX Digital Signatures.xlsx", saveOptions)
End Sub
End Module
Digital ID notes
Digital ID files used in the preceding example are part of a simple Public Key Infrastructure (PKI) created just for this demonstration which contains the following hierarchy of certificates and CRLs:
- Root Certificate Authority certificate GemBoxCA.crt
- Intermediate Certificate Authority certificate GemBoxRSA.crt
- Digital ID GemBoxRSA1024.pfx and its certificate GemBoxRSA1024.crt
- Digital ID GemBoxRSA2048.pfx and its certificate GemBoxRSA2048.crt (revoked)
- Digital ID GemBoxRSA4096.pfx and its certificate GemBoxRSA4096.crt
- CRL GemBoxRSA.crl that revokes the certificate with the serial number 02 (GemBoxRSA2048.crt)
- Intermediate Certificate Authority certificate GemBoxECDsa.crt
- Digital ID GemBoxECDsa192.pfx and its certificate GemBoxECDsa192.crt
- Digital ID GemBoxECDsa224.pfx and its certificate GemBoxECDsa224.crt (revoked)
- Digital ID GemBoxECDsa521.pfx and its certificate GemBoxECDsa521.crt
- CRL GemBoxECDsa.crl that revokes the certificate with the serial number 02 (GemBoxECDsa224.crt)
- CRL GemBoxCA.crl that doesn't revoke any certificate
- Intermediate Certificate Authority certificate GemBoxRSA.crt
To get a valid signature in an MS Office Application, as seen in the screenshot above, you will have to add GemBoxCA.crt certificate to the list of Trusted Certificates on your machine using the following steps:
- Download GemBoxCA.crt certificate.
- Open the file and click Install Certificate....
- If you are adding a Root Certificate, choose the option "Place all certificates in the following store" and Browse for "Trusted Root Certification Authorities".
- After the installation is finished, you can see the certificate under "User Accounts" > "Manage User Certificates" in the Control Panel.
- Once you finish the verification, it is safer to uninstall the certificate.
