Back to blog
How-to5 min read

How to Sign a PDF Electronically with Legal Validity (2026)

Step-by-step guide to signing a PDF electronically with full legal validity under eIDAS. Methods, tools and what to avoid to make your signature court-proof.

ST
SignDeal Team

The PDF is the world's most-used document format in business. And when the time comes to formalise one with a signature, the question is always the same: how do I sign a PDF electronically in a way that has real legal validity?

"Drawing" your signature on a PDF is not the same as signing it electronically with proper legal guarantees. This article explains the difference and how to do it right.

PDF document being signed electronically on screen

First: what is NOT a legally valid electronic signature on a PDF

Before explaining how to do it right, let's clarify which methods do not provide sufficient legal guarantees:

❌ Inserting a scanned image of your handwritten signature

Opening the PDF in Adobe Acrobat or Word, inserting a scanned image of your handwritten signature and saving it is not an advanced electronic signature. It is a digitised signature: anyone could copy that image and paste it into another document. There is no cryptographic binding between the image and the document content.

❌ Signing with Adobe Acrobat Reader's free "signature field"

Adobe Acrobat Reader (the free version) lets you "draw" a signature in a signature field, but it does not generate a complete cryptographic signature with a PKI certificate and timestamp. The result looks convincing but is legally weak.

❌ Print, sign by hand and scan back to PDF

Technically valid as a signature, but produces low-quality documents, is slow, impossible to track and difficult to archive with integrity guarantees.

Valid methods for signing a PDF electronically

Method 1: Electronic signature platform (recommended)

This is the most secure, most convenient and most legally robust method. Here is how it works:

  1. Upload the PDF to the platform.
  2. Define where each person needs to sign and in what order.
  3. The platform sends a unique link to each signer by email or SMS.
  4. The signer accesses without installing anything, verifies their identity and signs.
  5. The platform generates the signed PDF with a PAdES signature (embedded in the PDF itself) plus an audit trail sealed with RFC 3161.

This is the method SignDeal uses and the one we recommend for B2B contracts, employment contracts, NDAs, real estate agreements and any document with significant legal consequences.

Method 2: Adobe Acrobat with your own digital certificate

If you have a digital certificate installed (issued by a recognised CA such as GlobalSign, DigiCert or similar), you can sign PDFs directly from Adobe Acrobat Pro:

  1. Tools → Certificates → Digitally Sign.
  2. Draw the signature field on the document.
  3. Select your digital certificate installed on the system.
  4. Acrobat generates a PAdES signature with your certificate and a timestamp (if you have a TSA configured).

Limitations: the signer must have their own certificate installed, there is no centralised audit trail, no multi-signer workflow, and the experience for an external counterparty is poor.

Method 3: Government certificates (for public sector filings)

Most European countries offer free digital certificate tools for filing documents with public authorities. These are ideal for submitting documents to tax authorities, public registries or government bodies — but not designed for commercial workflows or external party signatures.

PAdES: the cryptographic signature embedded in the PDF

When you sign a PDF with real legal validity, the result is not just a PDF with a signature image: it is a PDF containing a PAdES signature (PDF Advanced Electronic Signatures), the standard defined by ETSI EN 319 100 and recognised under Commission Implementing Regulation (EU) 2015/1506.

A PAdES signature includes:

  • The SHA-256 hash of the signed PDF content.
  • The hash encrypted with the signer's private key.
  • The signer's public certificate.
  • An RFC 3161 timestamp issued by a recognised Time Stamping Authority (TSA).

How to verify that a PDF has a valid electronic signature

You can verify the signature of any signed PDF using Adobe Reader (free): open the PDF and look for the "Signatures" panel in the sidebar. If the signature is valid you will see:

  • ✅ "Signature is valid" in green.
  • The signer's name with their certificate.
  • The date and time of the timestamp.
  • "The document has not been modified since this signature was applied."

You can also use the EU's eIDAS DSS validator to verify any signed document.

Step by step: signing a PDF with SignDeal

  1. Create your free account on SignDeal — no credit card required, ready in 2 minutes.
  2. Upload the PDF from your computer, Google Drive or Dropbox.
  3. Add signers — name and email of each person who needs to sign.
  4. Place fields — drag and drop signature, date and text fields onto the PDF.
  5. Choose identity verification method — email OTP (included) or SMS OTP (optional).
  6. Send — each signer receives a unique link by email.

Signers open the link on any device (no installation needed), read the document, verify their identity with the received code and sign in under 2 minutes.

Once all signers have completed:

  • You receive the signed PDF with embedded PAdES signature.
  • You receive the evidence certificate with the complete audit trail sealed with RFC 3161.
  • The document is archived in your account with guaranteed integrity.

How long is an electronic signature on a PDF valid?

A PAdES signature with an RFC 3161 timestamp has indefinite validity, provided that:

  1. The signer's certificate was valid at the time of signing (even if it has since expired, the signature remains valid for that moment).
  2. The RFC 3161 timestamp preserves the hash state at the time of signing.
  3. The document has not been modified.

For documents with long retention periods (lease agreements, employment contracts, commercial contracts), the PAdES-LTA (Long-Term Archival) standard preserves all the information needed to verify the signature decades later, even if current cryptographic algorithms become obsolete.

Frequently asked questions

Can I sign a password-protected PDF? It depends on the type of protection. If the PDF has editing restrictions that include "signing not permitted", you will need to obtain an unrestricted PDF from the issuer. PDFs with only an opening password can be signed.

Does the signer need to install anything? With a platform like SignDeal, no. The signer accesses via link in any browser on any device.

What if the signer does not have a work email? You can use any personal email. What matters is that it is an email address to which the signer has exclusive access, as the identity verification OTP is sent to that address.

Can I sign the PDF myself and send it already signed to the other party? Yes, but the legally correct approach is for both parties to sign the same document. A document signed by only one party may be interpreted as a unilateral proposal, not a bilateral contract.

Conclusion

Signing a PDF electronically with legal validity is not complicated, but it requires the right method. A scanned signature image is not suitable for contracts with legal consequences. The standard is PAdES with a PKI certificate and RFC 3161 timestamp, and the most practical way to achieve this is by using an electronic signature platform.

Also read: Is electronic signature legal in Europe? Complete legal framework · Electronic signature platform guide

sign pdfelectronic signature pdfdigital signature pdflegal validityeidas

Try SignDeal for free

No credit card required. Up and running in 2 minutes.

Start for free