Motard | Posts: 12

Signature properties in active documents

0 votes

Hello,

 

In the attached image, a signature properties interface we can see the Location: Client IP 172.16.4.81

 

My question is how can I edit this IP. Have been trying to send the "x-forwarded-for" header for the sign request, but the value sent is not applied. 

 

Even though I can see a change when I use that header in the request.

 

When I use that header I can see the value changes from 172.16.4.81 to 172.16.4.80, but this are not the values I sent in the "x-forwarded-for" header.


Attachments
Duo_Liang | Posts: 3776

Reply to: Signature properties in active documents

0 votes

Hi Motard,

 

If you are signing on behalf of signer via API or SDK function, then you can't and shouldn't tamper the request IP address, as the process evidence is the key proof of what exactly transpired during an online e-signing session. Even though you're signing on behalf of a signer, it is really your application that signed the document and both the sealed certificate and the audit trail will point out that the signature has been signed from the source IP address.

 

Duo


Motard | Posts: 12

Reply to: Signature properties in active documents

0 votes

Hello Duo.

One more thing that I noticed. When I sign a document using native OSS signing front end to sign a document, and when I check that signature properties interface I can see my own public IP reflected there.

 

So my question is, why when I sign via API call I get one IP, like the one I put above, this one 172.16.4.81, and when I sign using OSS native signing front end I can see my actual public IP?


Duo_Liang | Posts: 3776

Reply to:

0 votes

Hi Motard,

 

Is your goal to get rid of the private IP (e.g. 172.16.4.81) and to display the actual public IP in the certificate as well as the audit trail? 

First, please kindly be aware of the two points I mentioned above: (1)when signing on behalf of a signer, the signed certificate and the audit trail will point out the signature has been signed from the application's IP address (2)you shouldn't trying to tamper this IP

On top of that, I agree with you that it's abnormal to show an internal IP in the certificate. When you mentioned "sign via API call", where the API client was hosted? Your local machine or a remote server? Does it connect to internet directly or via firewall/proxy?

 

Duo


Motard | Posts: 12

Reply to:

0 votes

Hello Duo,

 

Yes that is my goal, to get rid of the private IP and display the actual public IP.

 

And the API client is hosted on a remote server. And I will need to get back to you regarding your question "Does it connect to internet directly or via firewall/proxy", because I am waiting for the sysadmin to give me feed back on that. 


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off