Product Updates

Circularo Self-Hosted Option: What to Consider?

Thinking about hosting Circularo on your private cloud or having it deployed on-premise? Here are a couple of things to consider that might have an impact on user experience and the overall credibility, trust, and security when it comes to signing and sharing documents remotely.

When installed on-premise, Circularo has the same set of features and functionality as if it was used as a cloud-based SaaS. However, it is crucial to keep in mind that some key capabilities and services might not be available for on-premise installations if not configured properly, including:

  • Viewing, editing, and creating documents using MS Office 365 Online
  • Signing and sharing documents securely with external recipients
  • Using internationally recognized AATL certificates stored in HSM
  • Applying Long term validation (LTV) for digital signatures
  • Using certified Timestamp services for your signed documents

Working with MS Office 365 Online

To be able to view, edit, or create MS Office documents online, you might need to enable access to public MS Office online servers unless you deploy your own Office Online Server. Circularo is using standard WOPI-based integration and supports both options.

Sharing documents securely with external recipients

If you need to share files with people outside of your organization, you need to make sure that those external recipients can access the Circularo interface to view or sign documents.

On top of that, if you need to protect your shared documents even further and want to be able to verify the identities of external recipients, you might want to add an SMS-based 2-factor verification, for which you would need to enable access to an SMS gateway outside of your organization.

Signing documents with internationally recognized AATL certificates

Sure, you can digitally sign documents in Circularo with your self-generated electronic certificates. But if you want to make sure that your signed documents will be automatically recognized and validated by Adobe and trusted internationally, you must use an AATL certificate that is stored in HSM. While having your own HSM infrastructure might be an option, it comes at an extra cost.

Keep in mind that only certificates listed on the Adobe Approved Trust List are automatically recognized and validated by Adobe and other commercial PDF viewers. AATL certificates have to meet very strict regulations to protect the Digital Identity of the certificate’s owner. Using a non-AATL compliant certificate might leave a negative impression on the end user’s trust when they open such a document.

Using LTV signatures with AATL certificates

If Long term signature validation is important to you, it is necessary to ensure that Circularo has the access to the Certification Authority servers to sign documents with LTV.

Long-term signature validation allows you or reliant parties to check the validity of a signature long after the document has been signed and after the signing certificate has expired.

Using Qualified Time Stamp from trusted Certification Authority

Another fairly important aspect of generating and signing verifiable documents is using a time stamp service from an internationally recognized and trusted Certification Authority. For this very reason, again, Circularo needs to have access to that service outside of your organization.

Would you like to learn more about Circularo Ultimate on-premise solutions?