Introduction
Organizations that issue or verify digital documents often need trusted timestamps for regulatory compliance and long-term integrity. This case study covers our deployment of Ascertia ADSS TSA for an enterprise that handles high-volume digital signatures.
The Challenge
The client lacked a Timestamping Authority (TSA), exposing them to legal risk in verifying when documents were signed. Requirements included:
- eIDAS-compliant solution
- High availability and HSM support
- Easy integration with their existing PKI stack
The Solution
We designed and deployed a redundant Ascertia ADSS TSA cluster:
- Installed on hardened Linux systems with internal CA
- Integrated with HSM (Hardware Security Module)
- Used OCSP and CRL for signature validation
- Exposed the TSA endpoint securely over HTTPS with IP filtering
- Added centralized logging and alerting
The Results
- Full eIDAS compliance
- 99.999% uptime using HAProxy and two active TSA nodes
- Timestamping speed under 50ms even at peak hours
- Seamless integration into PDF signing workflows and Java-based apps
Conclusion
A well-architected TSA provides essential legal and operational guarantees for digital signature validation. Ascertia’s platform, combined with solid infrastructure design, enabled bulletproof integrity and compliance.
