Sign PDF
Apply a legally-binding digital signature to your PDF using your PKCS#12 (.p12 / .pfx) certificate.
- Encrypted in transit (TLS 1.3)
- Files auto-deleted in 60 minutes
- Requires pro monthly plan
Run Sign PDF
About Sign PDF
A digital signature isn't just a picture of your name — it's a cryptographic proof that you, the holder of a specific certificate, approved this exact document at this exact moment. Tampering after signing breaks the signature visibly.
Sign PDF uses pyHanko, the gold-standard open-source PDF signing library. Supply your PKCS#12 bundle (the .p12 / .pfx file you got from your CA or trust service), and we sign your PDF in compliance with PAdES.
How Sign PDF works
Three steps. Done in seconds.
-
1
Upload your PDF + certificate
PDF goes via the file upload. PKCS#12 certificate goes as base64 in the Advanced JSON (pkcs12_b64 + password).
-
2
We sign with pyHanko
PAdES-compliant signature applied to the document, with optional reason text.
-
3
Download the signed PDF
Open in Acrobat to see the green check mark. Tampering after signing visibly breaks the signature.
Why Sign PDF on Pixenith
Built for serious work. Free for everyday use.
Privacy first
Encrypted in transit, processed in isolated workers, deleted within 60 minutes.
Lightning fast
Most jobs finish in under 5 seconds. Heavy ones run on dedicated worker pools.
Production engine
Powered by pikepdf, Ghostscript, Tesseract OCR, ONNX models — the same tech the pros use.
Free, no signup
Generous daily limits on the free plan. Upgrade only if you need bigger files.
Related PDF tools
Often used alongside Sign PDF.
- Protect PDF Encrypt a PDF with a password (AES-256).
- Redact PDF Cover text matching a regex pattern with opaque rectangles.
- Add watermark Stamp a text watermark across every page.
- PDF forms Fill in the form fields of a fillable PDF.
- Unlock PDF Remove a known password from a PDF.
- Merge PDF Combine multiple PDFs into a single document in the order you choose.
Sign PDF — frequently asked questions
Everything you need to know.
Where do I get a PKCS#12 certificate?
From a trust service provider (Adobe Approved Trust List, EU eIDAS providers, or your country's qualified CA). For internal use, you can self-sign one with openssl, but it won't show as "trusted" in Acrobat.
Is the signature legally binding?
If your certificate is qualified (e.g. eIDAS QES in the EU or AATL in the US), yes — this signature carries the same weight as a handwritten one in most jurisdictions. Always consult your legal team for specific use cases.
Why does this tool require the Pro plan?
Digital signing requires the pyHanko library and a worker configured to handle PKCS#12 securely. Pro plans get the feature included.
How is my certificate password kept secure?
Sent encrypted (TLS 1.3) to the worker, used to unlock the PKCS#12 in memory, then immediately discarded. We never store the certificate or password.
Can I add a visible signature appearance?
Current endpoint produces an invisible signature (verified in Acrobat's signature panel). Visible signature appearance is on the roadmap — contact us if you need it now.