Skip to main content
Skip table of contents


The signer has the class name: org.signserver.module.mrtdsodsigner.MRTDSODSigner.


The MRTD SOD Signer creates the Complete Security Object (SOd) for Machine Readable Travel Documents (MRTD), such as electronic passports and residence permits, by signing the provided data groups (DGs).

The Document Signer (DS) certificate is included in the SOd. The SOd is verified (including the certificate path) before it is returned, so the certificate chain must contain the Country Signing CA (CSCA) certificate. For more information, see SODProcessServlet in HTTP interface or ClientWS interface.

Available Properties

DODATAGROUPHASHINGTrue if this signer first should hash the DG values. Otherwise, the values are assumed to be hashes already. Optional, default: false.
DIGESTALGORITHM Message digest algorithm that is applied or should be applied to the values. Optional, default: SHA256.
SIGNATUREALGORITHM Signature algorithm for signing the SO(d). Optional, default is SHA256withRSA, although SHA256withRSAandMGF1 is recommended by Doc9303.
LDSVERSION Version of Logical Data Structure (LDS). For LDS version 1.7, enter "0107" and for version 1.8, "0108". Optional, default is 0107.
UNICODEVERSION Version of Unicode used in the datagroups. Required if LDS 1.8 is used. Example: "040000" for Unicode version 4.0.0.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.