Digital signatures on InfoPath Form Libraries are invalid

Symptoms
Consider the following scenarios.

Scenario 1

When you try to view an InfoPath form in a SharePoint Form Library in a browser, and the form contains a digital signature field with a valid signature, you receive the following messaging: 
One or more digital signatures in this form could not be verified. To modify parts of the form that have been digitally signed, remove the associated signatures. Click on a signatures to view its details.

You also receive the following error message on the form itself that's displayed with Show Details and Remove links:

There is a problem with this signature.

When you click the Details link, you see one of the following messages:
  • Invalid Signature – The form changed after it was signed.
  • Untrusted signature – The trust chain cannot be verified.

Scenario 2

You sign an InfoPath form in a browser in a SharePoint Form Library by using a valid signature. Then, you see an error message on the form that's displays with Show Details and Remove links:

There is a problem with this signature.
When you click the Show Details link, you receive one of the following messages:
  • Invalid Signature – The form changed after it was signed.
  • Untrusted signature – The trust chain cannot be verified.
Cause
The MS16-035 security update for the .NET Framework that's described in KB 3141780 disables most XML Signature Transforms. InfoPath Services uses these transforms to create and validate digital signatures, as described in KB 3148821.
Workaround
To work around this issue, add the last registry entry that's described in the "Scenario 2 Resolution" section of KB 3148821. (This section describes how to apply the XmlDSigXsltTransform registry key.)
Properties

Article ID: 3171593 - Last Review: 06/20/2016 17:36:00 - Revision: 1.0

Microsoft SharePoint Server 2013, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft InfoPath 2013

  • KB3171593
Feedback