EzSign - Rapid Integration

EzSign can be setup, deployed and integrated extremely rapidly, enabling .NET and Java applications to start generating and verifying signatures accurately and securely, with complete control over the signature structure and validation process

Typically, a deployment will involve the following steps:


Server Setup

The server can be installed in minutes and supports Windows Server based operating systems as well as Solaris and Linux (Note: AIX is not yet supported for use with PKCS#11 based HSMs but HSM9000 and Software key stores are supported)

The simplest approach is to unzip the package, update the reference to your java installation and update the provided server.properties file to your requirements

Next, run the management utility to set your passwords and generate a CSR.  Once your certificate has been issued, import via the management utility

You can then start the server using the provided scripts or via the Windows Service


Client Integration

If using java, add a reference to KEzSignClient.jar

If using .NET, add a reference to EzSignClient.dll


In your code the following will generate a signature:

  EzSignClient client = new EzSignClient(serverIpAddress, serverPort);

  byte[] signature = client.signData(channel, dataToSign, false);


Note: EzSign separates key stores into channels, enabling an application to select different keys for different purposes.  Any channel name can be configured in the server properties and it is this name which must be passed to the signData method

The false parameter represents that the provided data is not a digest (already hashed).  If the data to sign is already hashed, this parameter will be true


And that's it!!


To verify the signature:

  client.verifySignature(channel, signature, dataToSign, false);


If there any validation problems an exception will be thrown containing all of the error details


All details of the signature generation and validation process will be logged to a location of your choice (by default this is a text file)

The client and server are stateless - meaning multiple clients can call the same server and client instances can be created and destroyed at will



With each EzSign Server license users get the Signature Toolkit for free.  Enabling the checking and graphical viewing of signature contents

Other tools (such as verifying HSM setup) are also available if required

Options around monitoring and alerting as well as test scripts can also be supplied upon request



Having been involved in the PKI market for 15 years, Krestfield have the knowledge and ability to assist with any queries and questions that may arise from using the EzSign server.  We can provide onsite support and walk through all setup steps and provide high quality ongoing support

For more information email us at This email address is being protected from spambots. You need JavaScript enabled to view it. or call 020 8938 3616



Contact Us

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Call: 020 8938 3616

Sales & Support

Should you need any help with any of Krestfield's products, or wish to make any suggestions, please contact us.

Sales: sales@krestfield.com

Support: support@krestfield.com

Latest News


Version 1.1.0 released


Version 3.1.0 released


Our Mission

To create secure, highly available, easy to use products that are priced fairly

Please publish modules in offcanvas position.