Certificate Encryption
Encrypt documents using PKI (Public Key Infrastructure) certificates.
Certificate encryption requires a Business plan or higher.
What is Certificate Encryption?
Certificate-based encryption uses public/private key pairs:
- Public key: Encrypts the document
- Private key: Decrypts the document
Only recipients with the matching private key can open the document.
Benefits Over Passwords
| Feature | Password | Certificate |
|---|---|---|
| Share secret? | Yes (password) | No |
| Per-recipient control | No | Yes |
| Revocable | No | Yes |
| Audit trail | Limited | Full |
| Enterprise integration | No | Yes |
Adding Certificate Encryption
- Open the document
- Click Security → Certificate Encryption
- Add recipient certificates
- Set permissions for each
- Click Apply
Adding Recipients
From Address Book
- Click Add Recipient
- Select from your contacts
- Certificate is attached to contact
Import Certificate
- Click Add Recipient → Import
- Select certificate file (.cer, .pem)
- Verify certificate details
- Add to recipients
From Directory
For enterprise LDAP integration:
- Click Add Recipient → Directory
- Search for user
- Select from results
Per-Recipient Permissions
Set different permissions for each recipient:
- Full access: All permissions
- View only: No printing or copying
- Custom: Specific permissions per user
Opening Encrypted Documents
- Open the certificate-encrypted PDF
- Your certificate is automatically detected
- If matched, document opens
- If not matched, access denied
Certificate Requirements
- X.509 digital certificates
- Key usage: Key Encipherment
- RSA 2048-bit or higher
- Valid (not expired)
Managing Certificates
View Your Certificates
- Click Security → Manage Certificates
- View installed certificates
- Check validity and details
Export Your Certificate
Share your public certificate:
- Click Security → Manage Certificates
- Select your certificate
- Click Export
- Choose format (.cer)
- Share with others
Best Practices
- Use certificates from trusted CAs
- Keep private keys secure
- Regularly update certificates
- Remove access when needed
- Maintain certificate backups
Next Steps
- Digital Signatures - Sign documents with cryptographic certificates
- Password Protection - Simpler access control with passwords
- Permissions - Set per-recipient document restrictions
Last updated on