A PersonalSign Digital Certificate is a Digital ID issued to an entity (i.e. individual or a department) that helps to prove that entity’s identity. The Digital ID binds an individual’s verified identity (typically including the name, company name and email address of the Digital ID owner) to a unique cryptographic credential. PersonalSign Certificates identify, prove and contain different levels of information. 

GlobalSign's PersonalSign Certificates can be used for multiple purposes:

• Microsoft Office Document Signing - Digitally Sign Microsoft Office Documents.
  
  GlobalSign PersonalSign Certificates are trusted by Microsoft Office systems and allow you to create digital signatures. Applying a digital signature to a document proves the information originated with the signer and that the document has not been altered since the document was signed, ensuring document integrity. This allows for secure electronic document work flows and eliminates time and resources spent by replacing paper-based work flows. It also meets compliance requirements associated with electronic work flows. When applying a digital signature, you can choose to insert an image file containing a handwritten signature or other image of your choice.

• Two Factor Authentication (2FA) - Strong Authentication to networks, VPNs, cloud services and more.
  
  Client Authentication is the process by which users securely access a server or remote computer by exchanging a Certificate. Networks and web services can be configured to only allow access to particular Certificates. Authentication prevents unauthorized access and enhances current security. It can be used for in-browser client authentication to VPNs, smart card technology, cloud applications, and mobile devices. PersonalSign Certificates are approved Digital Certificates for various online services including the FDA ESG and NAESB Electronic Industry Registry.

Learn more about the various uses of GlobalSign's PersonalSign Certificates by visiting the PersonalSign Certificates page on GlobalSign.com.

Intermediate Certificates help complete a "Chain of Trust" from your SSL or Client Certificate to GlobalSign's Root Certificate. PersonalSign Intermediate Certificates are available here.

Non-repudiation is a feature of a digital signature which allows the author, or "signer", of a message to prove his identity. Non-repudiation allows you to prove who participated in a transaction; a signer of a document on one end of a transmission cannot deny having sent the message nor can the recipient deny having received it. Non-repudiation means that information cannot be disclaimed; it equates to a witnessed handwritten signature on a paper document.

PersonalSign Certificates are valid for 39 months maximum. For more information, please refer to this page.

You can purchase your PersonalSign Certificate in the following platforms:

• If you are a new customer, you can order your certificate through our website to create a GCC account.
• If you are an existing customer with an active GCC account, please refer to this page to place a new order.

You can also place an order in bulk (5+ certificates) through GlobalSign’s Managed PKI platform. Benefits of Managed PKI include pre-vetting for instant certificate issuance, volume discounts, easy certificate management and more. Contact an Account Manager to get started with Managed PKI. 

Once you complete your order, our Vetting team will verify the application details and call to confirm/verify your order (1 – 3 business days). An Organization’s identity is verified by GlobalSign’s vetting team in accordance with the steps described in the GlobalSign CA Certification Practice Statement (CPS). GlobalSign will verify the Organization is legitimate using third party verification services such as a qualified government information source.

IMPORTANT: If you choose credit card as your mode of payment, we will be sending a link to proceed with your payment. Once your order is ready, please refer to this page to process your payment. After vetting is complete and payment is confirmed, your certificate is ready to issue. 

You can only do it once it's ready for renewal. The renew button is available in your account for 90 days prior to your Certificate expiring and 7 days after the Certificate has expired. If your certificate is ready for renewal, please refer to this page.

For PersonalSign Certificate reissue, please refer to this page. Reissue is only advised in the following scenarios:

• If you need to install the Certificate on a new machine, however you have lost the original downloaded file to install.

• You cannot retrieve the auto-generated password for the .pfx file when you downloaded and installed it originally.

• If the Certificate’s private key has become compromised; we advise that the compromised Certificate be revoked after reissuance.

• If you need to install the Certificate on a new machine but are unable to export it in a .pfx format (Including private key) from the machine where you installed it originally

IMPORTANT: When a PersonalSign Certificate is reissued/renewed a new private and public key pair is generated. Our PersonalSign Certificates are used for three functions, which are affected in the following ways:

• Digitally signing an email. Using a reissued/renewed Certificate will not have any affect when signing new emails and old emails will still show as correctly signed.

• Encrypting an email. The reissued/renewed Certificate can be used to encrypt new emails. However, it cannot be used to decrypt old emails that were encrypted with the original Certificate as the original Certificate will have its own unique private and public key pair. The original Certificate will need to be used to decrypt any emails it was used to encrypt. For this reason, we recommend saving a copy of your original Certificate(s).

• Authentication. The public key of the reissued/ renewed Certificate will not match the public key of the original Certificate. This will mean that if you want to use your reissued/renewed Certificate for authentication, you will need to export your new public key and provide it to the service you are trying to authenticate to.

To Cancel and Reorder your Certificate, please refer to this page. Cancel and Reorder is advised in the following scenarios:

• If you entered an incorrect approval email.
• If you forgot your Certificate PickUp Password.
• If you want to change details in your Certificate.

If your Certificate has not been issued or has been available for download for less than 7 days, you should have the option to cancel and reorder the Certificate with the correct information. 

If you do not have the option to cancel and reorder the Certificate from your account, please check if you are the same user who placed the order, as you may not have permissions to complete this action.

​​​​If you are the user who placed the order but you still do not have the option to cancel and reorder, please contact support for assistance. Note: Cancellation is only available within 7 days of issuance of the Certificate.

Depending on what you’re trying to do, e.g. exporting your Certificate to install on to another machine or exporting your Certificate in a file which is required by a third-party website to authenticate, the following guides should assist you.

• To export your Certificate in a .pfx file, you can use this guide.
• To export your Certificate in a .cer file, you can use this guide.

If you are unable to export the private key, this means the option to make the private key exportable was not ticked during the initial installation of the Certificate. In this scenario we would recommend locating the downloaded file of the Certificate on your machine to install the Certificate again. If you no longer have a copy of the original Certificate downloaded on your computer, then you will need to reissue the Certificate to receive a new .pfx file. 

If you no longer have a copy of the original Certificate downloaded on your computer, then you will need to reissue the Certificate to receive in a new .pfx file.

You can download and install your PersonalSign Certificate by following this page.

To configure your PersonalSign certificate across supported platforms, please refer to this page.

GlobalSign's PersonalSign Certificate is compatible with the leading programs and are an easy to use, cost-effective way to add digital signatures to your email. For instructions on how to sign and encrypt with your GlobalSign PersonalSign Certificate, please refer to this page.