Digital Signature Certificate Not Trusted in signNow

What a not trusted certificate means
A digital signature certificate not trusted means the signer’s certificate cannot be verified against a trusted certificate authority, revocation source, or chain of trust. In practice, the signature may still exist, but the system cannot confirm that the certificate is valid, current, or issued by a recognized authority. SignNow records the signing event, identity checks, timestamps, and document history so the transaction can still be reviewed, traced, and assessed under U.S. electronic signature rules.
Why certificate trust matters
It matters because trust status affects evidentiary strength, not just convenience. A documented signing flow can support enforceability under ESIGN and UETA when intent, attribution, and record integrity are preserved, which helps reduce disputes and speeds internal review.

Frequent trust and validation issues
The certificate chain cannot be validated because the issuing authority is missing, expired, or blocked by the client. Revocation checks fail when OCSP or CRL data is unavailable, outdated, or unreachable during verification. Recipients see warning prompts when the certificate does not match the browser or operating system trust store. Teams confuse an untrusted certificate with an invalid signature, even when the audit trail still shows a signed record.
Where certificate trust is used
Regulated records
Healthcare and finance teams use signed records that need identity checks, timestamps, and audit trails.
Evidence-heavy documents
Legal, real estate, and government workflows rely on document history for attribution and review.
Who benefits from this workflow
A NetSuite operations leader at Xerox may need signed approvals tied to ERP records, where certificate trust, audit history, and document routing all matter. The workflow helps keep signatures attributable while preserving the record trail needed for internal controls and review. A founder at Fertility Centers of Illinois may handle patient-facing forms that require HIPAA-aware handling, BAA coverage, and clear identity evidence. A not trusted certificate warning does not erase the signature record, but it does increase the need for strong audit documentation and retention discipline.
- Best ROI. Our customers achieve an average 7x ROI within the first six months.
- Scales with your use cases. From SMBs to mid-market, airSlate SignNow delivers results for businesses of all sizes.
- Intuitive UI and API. Sign and send documents from your apps in minutes.
Core features that support trust
SignNow keeps the signing record organized, traceable, and reviewable when certificate trust needs extra verification.
Audit visibility
SignNow captures signer identity, timestamps, and document history so teams can review the signing event even when certificate trust is questioned.
Record integrity
The signing record stays tied to the document, which helps preserve integrity when the certificate chain is not fully trusted.
Identity checks
Identity checks can be layered with SMS OTP, ID verification, or other methods to strengthen attribution.
Controlled routing
Role-based routing helps legal, HR, and operations teams send documents in the right order without losing traceability.
Retention support
Retention and export options support internal review, litigation holds, and regulated recordkeeping requirements.
Mobile access
Mobile signing works across desktop and mobile devices, which helps remote teams complete documents without printing or scanning.
How the signing record is built
The signing flow creates a traceable record from identity check to final storage, so the document can be reviewed later.
Verify identity: The system checks the certificate chain and signer identity. Capture event: It records the signing event with timestamps and metadata. Seal record: It seals the document so later changes are detectable. Store evidence: It stores the history for later review or export.
Quick setup steps
Use a simple workflow to prepare, verify, send, and review the signed document.
Prepare file:
Upload the document and assign the signer. Set verification:
Choose the authentication method for the signer. Request signature:
Send the request and collect the signature. Check records:
Review the audit trail before archiving.
Recommended workflow settings
Use a documented configuration that supports attribution, integrity, and retention for regulated U.S. records.
| Setting | Recommendation |
|---|---|
| Authentication method | SMS OTP |
| Signature type | Electronic signature |
| Audit trail | Enabled |
| Document retention | 6 years (HIPAA 45 CFR 164.530(j)(2)) |
| Encryption | TLS 1.2/1.3 and AES-256 |
Supported platforms and devices
Signers can use current versions of Chrome, Firefox, Safari, or Edge on Windows, macOS, iOS, and Android. TLS 1.2 or TLS 1.3 supports secure transport, and mobile apps help users sign from phones or tablets without changing the record trail.
Desktop browsers Chrome, Firefox, Edge on Windows and macOS. Mobile browsers Safari on iOS, Chrome on Android. Mobile apps signNow apps on iOS and Android.
For regulated deployments, managed devices, SSO provisioning, and API access help administrators control who can sign, route, and export records. Enterprises often pair browser access with mobile apps, retention rules, and certificate validation checks so the signing process remains consistent across teams and locations.
Security controls and compliance
Transport security:
Data at rest:
SOC 2 Type II:
ISO 27001:
HIPAA support:
Privacy controls:
Real-world workflow examples
These examples show how teams use signNow to keep signing records organized when certificate trust needs extra review.
NetSuite operations
A NetSuite operations leader needed flexible routing for signed documents across systems and formats.
- Xerox used signNow with NetSuite integration.
- The workflow kept signatures tied to records.
The team could route documents in the right format, preserve traceability, and keep internal review aligned with system records.
Healthcare operations
A healthcare founder needed secure online execution for patient-related forms and responsive API support.
- Fertility Centers of Illinois used signNow.
- The team valued compliance and security.
The workflow supported secure collection, better record handling, and clearer evidence for forms that needed careful retention and access control.
Practical ways to reduce risk
A careful setup reduces disputes, keeps records reviewable, and makes trust warnings easier to interpret.
Match verification to risk
Preserve the audit trail
Define retention early
Train reviewers carefully
FAQ about certificate trust issues
These answers focus on signNow features, plan differences, and U.S. compliance rules that affect certificate trust warnings.
A not trusted certificate warning usually means the browser cannot confirm the certificate chain or revocation status. In signNow, the signed record still includes audit trail data, timestamps, and document history. For HIPAA or 21 CFR Part 11 workflows, add stronger authentication and keep the BAA and retention rules in place.
If a signer sees an invalid certificate message, check whether the device trust store is outdated or the certificate has expired. signNow’s audit trail can still show who signed, when they signed, and what document was completed, which helps support ESIGN and UETA review.
For HIPAA workflows, signNow can be used with a BAA, but the organization must still configure access controls, audit controls, and retention. HIPAA requires 6 years of retention for signed records containing PHI under 45 CFR 164.530(j)(2).
If a document needs 21 CFR Part 11 support, use unique user IDs, two components for electronic signatures, and secure audit trails. signNow’s record history helps document who acted, when, and why, but validation remains the organization’s responsibility.
If a team needs bulk sending or advanced routing, those features are available on higher plans such as Business Premium and Enterprise. The Business plan includes audit trails and templates, while Enterprise adds advanced signer authentication and integrations.
If a certificate warning appears during review, export the signed file and audit trail together. That gives legal, compliance, or operations teams a complete record for ESIGN, UETA, or internal policy review, even when the certificate itself is not trusted by the client.
Vendor comparison at a glance
The table compares core signing and compliance capabilities across leading vendors used in U.S. business workflows.
| signNow | DocuSign | Adobe Acrobat Sign | PandaDoc |
|---|---|---|---|
| Audit trail | Yes | Yes | Yes |
| ESIGN and UETA | Yes | Yes | Yes |
| HIPAA support | Yes | Yes | Yes |
| Envelope cap | Unlimited | 100/year | Not verified |
Rollout and retention timeline
This timeline combines rollout milestones with retention and policy facts that matter for regulated records.
Day 0:
Day 1:
Week 1:
7-day trial:
HIPAA retention:
Part 11 records:
Enterprise rollout:
Policy review:
Risks of poor certificate handling
Signature dispute
Weak evidence
HIPAA exposure
Part 11 rejection
Inside the audit trail
The audit trail records each action so reviewers can trace the signing event from start to finish.
Signer authentication:
Timestamp capture:
Document hashing:
Tamper sealing:
Audit storage:
Trail export:
Pricing and feature snapshot
Prices reflect verified entry-tier annual billing data and plan notes from the provided source set.
| Plan / Feature | signNow | DocuSign | Adobe Sign | PandaDoc | HelloSign | |
|---|---|---|---|---|---|---|
| Starting price | $8/user/mo | $15/user/mo | $14/user/mo | $19/user/mo | $15/user/mo | |
| Free trial | 7 days | Not verified | Not verified | Not verified | Not verified | |
| Bulk send | Business Premium | Plan-dependent | Plan-dependent | Yes | Not verified | |
| Audit trail | Included | Included | Included | Included | Included | |
| HIPAA compliance | BAA required | BAA available | BAA available | Not verified | Not verified |
Key performance indicators that demonstrate SignNow's proven track record.