What is it, and what is it for?

PKCS7 or P7M is a Cryptographic Message Syntax (CMS) from the RFC 5652.

"This syntax is used to digitally sign, digest, authenticate, or encrypt arbitrary message content." - https://www.ietf.org/rfc/rfc5652.txt

It is possible to define P7M signers in eSignAnyWhere. This allows you, at the end of a signing workflow, to define signers with P7M. Due to technical reasons it is not possible to add non-P7M signers after the first P7M signer. Moreover, please note that it is not possible to configure a P7M signer if the signature PAdES configuration is enabled for digital remote certificate, disposable certificate, automatic remote signature or local certificate.

P7M is an advanced feature and must be enabled for you, so please contact your Namirial Sales.

Precondition: Feature Flag "Pkcs7Signer" must be enabled.

How to use P7M

How To P7M

Please see the samples below. One UI sample and one api integration sample.


The P7M signer can be defined in the recipient list (P7M Signer Type). The P7M signer has no assigned signature fields in the document, so you will not be able to assign signature fields, form fields or predefined fields for him or her.

First select the last recipient in your signing workflow as P7M and choose the certificate method:

P7M Setting

If P7M is the only signer in the signing workflow and as a P7M signer has no signature fields, form fields or predefined fields assigned you will be directly forwarded to the summary page after configuration of the P7M. If there are also other signers before the P7M defined in your signing workflow you will continue on the designer page to assign fields to those signers.

If the P7M signer has signed the document you will be able to download the document as p7m format.

Please see also the next video which shows the complete process (P7M with disposable certificate):

Api Integration

For a parallel use case with two P7M signers please make sure that both P7M signers are assigned in the same group (e.g. "SignAsP7MGroup": "1")

The following configuration includes only one recipient (P7M signer) as it was shown in the UI sample before:

	"Documents": [
			"FileId": "a33f6f7d-1234-1234-1234-42cfbc3cad08",
			"DocumentNumber": 1
	"Name": "test",
	"Activities": [
			"Action": {
				"SignAsP7M": {
					"RecipientConfiguration": {
						"ContactInformation": {
							"Email": "john.doe@sample.com",
							"GivenName": "John",
							"Surname": "Doe",
							"LanguageCode": "EN"
						"SendEmails": true
					"SignatureMethods": {
						"LocalCertificate": false,
						"DisposableCertificate": {
							"DocumentIssuingCountry": "AT",
							"IdentificationIssuingCountry": "AT",
							"IdentificationType": "DrivingLicense",
							"PhoneNumber": "+##PhoneNumber##",
							"DocumentType": "DriverLicense",
							"DocumentIssuedBy": "##Issuer##",
							"DocumentIssuedOn": "2023-02-15",
							"DocumentExpiryDate": "2023-02-28",
							"SerialNumber": "##SerialNumber##",
							"DocumentNumber": "123"
					"SignAsP7MGroup": "1"

  • No labels