I am evaluating the GroupDocs.Signature product before purchasing, I am trying to generate a signed PDF signed with Azure Key Vault… I am following the documentation provided, but when I call the sign method I am getting the exception below. The PDF output is still created, but the Signature shows as invalid. Can you please let me know what I might be missing? Thanks!
Sign document error: The signature length specified in the DefaultSignatureLength parameter is less than the length of the received signature. Current signature length: 5620. Set the DefaultSignatureLength parameter to a value greater than this value
var azureSigner = new AzureSigner(keyVaultUrl, certificateName, certificateKeyId, tenantId, clientId, clientSecret);
options.CustomSignHash = azureSigner;
options.Signature.Certificate = azureSigner.GetPublicCertificateFromAzureStorage();
using (var signature = new Signature(sourcePdfPath))
{
try
{
signature.Sign(outputPdfPath, options);
}
catch (Exception ex)
{
Console.WriteLine($"Error Signing: {ex.Message}");
}
}
Hello @mrpalma! Thank you for your interest in our product.
It looks like there is a limitation on the signature length but I think we can increase it. Let me check and get back to you with more details. I’ve created a ticket for your issue: #SIGNATURENET-5654
Thanks @yanaLi ! Do you have an estimate on when this update would be available? We need to make a decision this week on the API to use and without this update we will not be able to use groupdocs.
mrpalma I’ve checked and we can increase the signature size limit. We’re planning to publish the updated release this week. I’ll notify you as soon as the new version is available for download
@mrpalma Hello,
The new release is now available for download and includes the fix related to the DefaultSignatureLength parameter.
You only need to update to the latest version — no code changes are required on your side.
Please test it and let us know if your signing process now completes successfully. If you face any issues, feel free to share details and we’ll assist further.
Note: This post is a summary to finalize the topic. No reply is needed.
This issue has been resolved in GroupDocs.Signature for .NET version 26.2.0.
Problem: When signing PDF documents using Azure Key Vault with a custom ICustomSignHash implementation, the signing process threw an exception: “The signature length specified in the DefaultSignatureLength parameter is less than the length of the received signature. Current signature length: 5620.” The generated PDF signature appeared invalid.
Root cause: The internal default signature buffer size was too small to accommodate the signature length returned by Azure Key Vault’s signing operation.
Fix: The DefaultSignatureLength limit was increased in version 26.2.0 (released February 27, 2026) under internal ticket SIGNATURENET-5654. No code changes are required on the customer side — simply updating the NuGet package to version 26.2.0 or later resolves the issue.
Steps to resolve:
Update the GroupDocs.Signature NuGet package to version 26.2.0 or later.
No changes in code are needed.
The original reporter confirmed the fix was working.