A signed PDF is only half the story
When a signature comes back, it's tempting to file the PDF and move on. But the document itself doesn't tell you who signed, when, from where, or whether the file you're holding is byte-for-byte the one they signed. That context is the other half of the record — and it's what turns a signed document into something you can actually stand behind if anyone ever questions it.
Hosting Sign packages that context into an Audit Certificate: a generated PDF, produced for every completed envelope, that sits alongside the signed document and captures the full evidentiary picture.
What's on the certificate
The Audit Certificate is a human-readable summary of the machine-verifiable record. For a completed envelope it lays out:
- Every recipient and their role — signer, approver, or observer.
- The event sequence: when each person opened the document, what verification they passed, when they signed, plus any reminders, delegations, or declines along the way — the same ordered history described in audit trails that hold up.
- Timestamps and device context for each action, including IP address.
- The document fingerprint — the SHA-256 hash that ties the certificate to one exact version of the file.
It reads like a chain of custody, because that's what it is. Anyone reviewing the agreement can see the whole story of how it got signed on a single page.
The two seals that make it verifiable
A summary is only as good as your ability to prove it wasn't edited after the fact. Two cryptographic anchors back the certificate:
- A SHA-256 hash seals the completed document. Change a single byte of the PDF and the hash no longer matches — so anyone can confirm the file they're holding is the exact one that was signed. Inside the platform this hash is part of a chain, where each audit record incorporates the previous one's hash, so the sequence of events is tamper-evident, not just the final file.
- An RFC 3161 trusted timestamp from a public timestamping authority is applied to every completed PDF. This is independent, third-party proof of when the document existed in its final form — not a date your server claimed, but one a neutral authority attested. You can verify it offline; a standard openssl command checks the timestamp token against the file without involving us at all.
The point of the offline check is independence. The record doesn't rely on trusting Hosting Sign's word — the math holds up on its own, on your machine, years later.
The one-click evidence bundle
When you need the full record — for an internal review, an audit, or your own archive — you don't want to collect pieces by hand. Hosting Sign produces a one-click ZIP bundle containing:
- The flattened, signed PDF (fields baked in, no longer editable).
- The Audit Certificate.
- Any files signers uploaded as part of the signing flow.
One download, everything in it, ready to hand to whoever needs it. And it's not only senders who can get it: the instant a signer finishes, the confirmation screen offers their signed copy and certificate to download right there — which matters for in-person signers and public-template signers who never had an email in the loop.
How to use it well
A few habits make the certificate worth the bytes:
- Archive the bundle, not just the PDF. When you offboard from any system — including migrating between providers — export the signed PDFs and their certificates so the evidence travels with the document for your full retention period.
- Verify on receipt for high-stakes agreements. Running the offline timestamp and hash check once, when the document lands, costs a minute and confirms your archive is sound.
- File it automatically. An envelope.completed webhook can drop the whole bundle into your system of record the moment signing finishes, so you're archiving evidence on every agreement without a manual step.
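The "verify on receipt" habit as a script: an added example, not Hosting Sign's own tooling. It compares the PDF's SHA-256 with the fingerprint printed on the certificate, then runs the openssl timestamp check. Assumptions: the function names, the file names, that the RFC 3161 token is available as a separate DER response file, and that `ca.pem` holds the timestamping authority's CA chain.

```shell
#!/bin/sh
# Added example: offline check of a signed PDF on receipt.
# File names, token format (.tsr response) and ca.pem are assumptions.

# Print the lowercase hex SHA-256 of a file.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 -r "$1" | cut -d' ' -f1
    fi
}

# Normalise a fingerprint copied from the certificate: strip spaces/colons, lowercase.
normalise_hex() {
    printf '%s' "$1" | tr -d ' :\n\r\t' | tr 'A-F' 'a-f'
}

# verify_signed_pdf PDF EXPECTED_SHA256 [TOKEN.tsr CA.pem]
# Returns 0 = checks passed, 1 = hash mismatch or bad input, 2 = timestamp check failed.
verify_signed_pdf() {
    pdf=$1; expected=$(normalise_hex "$2"); token=${3:-}; ca=${4:-}
    [ -r "$pdf" ] || { echo "cannot read $pdf" >&2; return 1; }
    # A SHA-256 fingerprint is exactly 64 hex characters; reject truncated copies.
    case $expected in
        *[!0-9a-f]*) echo "fingerprint is not hex" >&2; return 1 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "fingerprint must be 64 hex chars" >&2; return 1; }
    actual=$(sha256_of "$pdf")
    if [ "$actual" != "$expected" ]; then
        echo "HASH MISMATCH: file=$actual certificate=$expected" >&2
        return 1
    fi
    echo "hash ok: $actual"
    # The timestamp check only runs when a token and CA bundle are supplied.
    [ -n "$token" ] || return 0
    # openssl re-hashes the PDF, compares it with the token's message imprint,
    # and validates the TSA signature against the CA file.
    # (Add -token_in if the file is a bare token rather than a full response.)
    openssl ts -verify -data "$pdf" -in "$token" -CAfile "$ca" >/dev/null 2>&1 \
        || { echo "TIMESTAMP CHECK FAILED for $token" >&2; return 2; }
    echo "timestamp ok"
}

# Run directly: sh verify.sh signed.pdf <fingerprint> [token.tsr ca.pem]
if [ "$#" -ge 2 ]; then verify_signed_pdf "$@"; fi
```

A non-zero exit status makes the script usable as a gate in an archiving job: status 1 means the file is not the one the certificate describes, status 2 means the timestamp token does not verify for this file.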
A signed PDF says a document was signed. The Audit Certificate, the hash, and the timestamp say who, when, and that nothing changed since — and that's the part that holds up when it matters.