documenso/SIGNING.md

# Creating your own signing certificate

For the digital signature of your documents you need a signing certificate in .p12 format (public and private key). You can buy one (not recommended for dev) or use the steps to create a self-signed one:

1. Generate a private key using the OpenSSL command. You can run the following command to generate a 2048-bit RSA key:

   `openssl genrsa -out private.key 2048`

2. Generate a self-signed certificate using the private key. You can run the following command to generate a self-signed certificate:

   `openssl req -new -x509 -key private.key -out certificate.crt -days 365`

   This will prompt you to enter some information, such as the Common Name (CN) for the certificate. Make sure you enter the correct information. The `-days` parameter sets the number of days for which the certificate is valid.

3. Combine the private key and the self-signed certificate to create the p12 certificate. You can run the following commands to do this:

   ```bash
   # Set certificate password securely (won't appear in command history)
   read -s -p "Enter certificate password: " CERT_PASS
   echo
   
   # Create the p12 certificate using the environment variable
   openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt \
       -password env:CERT_PASS \
       -keypbe PBE-SHA1-3DES \
       -certpbe PBE-SHA1-3DES \
       -macalg sha1
   ```

4. **IMPORTANT**: A certificate password is required to prevent signing failures. Make sure to use a strong password (minimum 4 characters) when prompted. Certificates without passwords will cause "Failed to get private key bags" errors during document signing.

5. Place the certificate `/apps/remix/resources/certificate.p12` (If the path does not exist, it needs to be created)

## Docker

> We are still working on the publishing of docker images, in the meantime you can follow the steps below to create a production ready docker image.

Want to create a production ready docker image? Follow these steps:

- cd into `docker` directory
- Make `build.sh` executable by running `chmod +x build.sh`
- Run `./build.sh` to start building the docker image.
- Publish the image to your docker registry of choice (or) If you prefer running the image from local, run the below command

```
docker run -d --restart=unless-stopped -p 3000:3000 -v documenso:/app/data --name documenso documenso:latest
```

Command Breakdown:

- `-d` - Let's you run the container in background
- `-p` - Passes down which ports to use. First half is the host port, Second half is the app port. You can change the first half anything you want and reverse proxy to that port.
- `-v` - Volume let's you persist the data
- `--name` - Name of the container
- `documenso:latest` - Image you have built

## Deployment

We support a variety of deployment methods, and are actively working on adding more. Stay tuned for updates!

## Railway

[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/DjrRRX)

## Render

[![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/documenso/documenso)
docs: clearer readme? maybe? 2023-09-28 22:48:02 +00:00			`# Creating your own signing certificate`

			`For the digital signature of your documents you need a signing certificate in .p12 format (public and private key). You can buy one (not recommended for dev) or use the steps to create a self-signed one:`

			`1. Generate a private key using the OpenSSL command. You can run the following command to generate a 2048-bit RSA key:`

			`openssl genrsa -out private.key 2048`

			`2. Generate a self-signed certificate using the private key. You can run the following command to generate a self-signed certificate:`

			`openssl req -new -x509 -key private.key -out certificate.crt -days 365`

chore: self hosting docs update and certificate issues (#1847) 2025-09-09 11:26:42 +00:00			This will prompt you to enter some information, such as the Common Name (CN) for the certificate. Make sure you enter the correct information. The `-days` parameter sets the number of days for which the certificate is valid.

			`3. Combine the private key and the self-signed certificate to create the p12 certificate. You can run the following commands to do this:`

			```bash
			`# Set certificate password securely (won't appear in command history)`
			`read -s -p "Enter certificate password: " CERT_PASS`
			`echo`

			`# Create the p12 certificate using the environment variable`
			`openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt \`
			`-password env:CERT_PASS \`
			`-keypbe PBE-SHA1-3DES \`
			`-certpbe PBE-SHA1-3DES \`
			`-macalg sha1`
			```

			`4. IMPORTANT: A certificate password is required to prevent signing failures. Make sure to use a strong password (minimum 4 characters) when prompted. Certificates without passwords will cause "Failed to get private key bags" errors during document signing.`
feat: updated mobile header (#1004) Description: - Updated mobile header with respect to latest designs <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Added a new `showText` property to the `MenuSwitcher` component to control text visibility. - Added a `textSectionClassName` property to the `AvatarWithText` component for conditional text section styling. - Updated the `CommandDialog` and `DialogContent` components with new positioning and styling properties. - Style Updates - Adjusted text size responsiveness in the `Hero` component for various screen sizes. - Modified text truncation and input styling in the `Widget` component. - Changed the width of the `SheetContent` element in `MobileNavigation` and adjusted footer layout. - Documentation - Added instructions for certificate placement in `SIGNING.md`. - Refactor - Standardized type imports across various components and utilities for improved type checking. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: Adithya Krishna <adithya@documenso.com> Signed-off-by: Adithya Krishna <aadithya794@gmail.com> Co-authored-by: David Nguyen <davidngu28@gmail.com> 2024-04-15 08:52:34 +00:00
fix: outdated docs (#1985) 2025-08-24 06:48:30 +00:00			5. Place the certificate `/apps/remix/resources/certificate.p12` (If the path does not exist, it needs to be created)
docs: clearer readme? maybe? 2023-09-28 22:48:02 +00:00
			`## Docker`

			`> We are still working on the publishing of docker images, in the meantime you can follow the steps below to create a production ready docker image.`

			`Want to create a production ready docker image? Follow these steps:`

			- cd into `docker` directory
			- Make `build.sh` executable by running `chmod +x build.sh`
			- Run `./build.sh` to start building the docker image.
			`- Publish the image to your docker registry of choice (or) If you prefer running the image from local, run the below command`

			```
			`docker run -d --restart=unless-stopped -p 3000:3000 -v documenso:/app/data --name documenso documenso:latest`
			```

			`Command Breakdown:`

			- `-d` - Let's you run the container in background
			- `-p` - Passes down which ports to use. First half is the host port, Second half is the app port. You can change the first half anything you want and reverse proxy to that port.
			- `-v` - Volume let's you persist the data
			- `--name` - Name of the container
			- `documenso:latest` - Image you have built

			`## Deployment`

			`We support a variety of deployment methods, and are actively working on adding more. Stay tuned for updates!`

			`## Railway`

			`[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/DjrRRX)`

			`## Render`

			`[![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/documenso/documenso)`