FAQ XolidoSign Desktop
XolidoSign checks the validity status of certificates. To do this, check several aspects, one is the certificate revocation status (as the receipts can be revoked to invalidate its use).
Sometimes it is possible that revocation information included in the signature is large, making the signed (in the case of using embedded signature) file has a much larger than the size unsigned version. In the case of PDF / A format is possible that the structure housing the electronic signature is not big enough for this, which will generate an error.
There are two ways to check the revocation status of a certificate. One is using the OCSP protocol for querying the revocation status of a particular certificate. The other is by consulting revocation lists, which include a set of identifiers revoked by the certificate authority certificates.
Normally the OCSP method, but when the entity certificate validation fails or returns a response that is not considered valid, the algorithm tries to check revocation checking the certificate revocation list, which is usually large.
In this last case, if you have configured XolidoSign to include revocation information in the signature, it will be too big for the structures of the PDF / A format.
You can solve your problem by selecting a signature format that does not include the revocation information for that purpose in signing options XolidoSign, under "Signature format", you can choose the second option (Electronic Signatures with certificate and revocation refs.) or first (Basic Electronic Signatures). You can also try the signature later, hoping that the entity has arranged his OCSP validation service.
Xolido products
IT infrastructure and cloud services
About us