Office of Labor-Management Standards (OLMS)
Signing Your Form LM-2 Using a Digital Signature
If you are submitting your Form LM-2 report electronically using the Adobe PDF-based software, you must acquire a digital signature.
This Digital Signature Guide is designed to take users step by step through the process of applying the digital signature to the completed LM Report and troubleshoot some common issues that may arise.
- Digital Signature Guide (PDF)
- Aplicación de su Firma Digital en los Informes LM-2, LM-3 y LM-4 (Digital Signature Guide in Spanish - PDF)
If you are still experiencing problems or have questions about digitally signing your LM Report, call the OLMS Help Desk at (toll-free) 1-866-401-1109. You may also send such questions by email to firstname.lastname@example.org.
To obtain a digital signature, you must purchase an ACES (Access Certificates for Electronic Services) digital certificate.
An ACES certificate can be purchased through IdenTrust. If you have any questions or problems with the purchasing procedure, contact IdenTrust's Help Desk directly at 1-888-339-8904. The certificate purchased can be either a business or an individual certificate.
If you currently have an AT&T ACES digital signature (government), you may use that signature to sign this form.
The FAQs below address the procedures and cost of obtaining digital signatures.
- What is Public Key Infrastructure (PKI)?
- How does it work?
- What is public key cryptography?
- What is a digital certificate?
- How does the digital signature work on my report?
- Where can I sign up for a digital signature?
- Do I need an individual certificate or a business certificate?
- What does it cost?
- For how long is the digital certificate valid?
- Can the digital certificate be used only for signing the Revised LM-2 report?
- What methods of payment can I use?
- How long does it take to obtain a certificate?
- How do I apply a digital signature to my report?
PKI is the software used to manage and control the large-scale use of public key cryptography. It makes possible secure electronic transactions and exchanges of sensitive information over the Internet.
A PKI is based on two technologies: public key cryptography and digital certificates.
Each user gets a pair of electronic keys which are linked:
- a private key, which the user must keep secret;
- a public key, which is published and available to all.
Using these keys, two communicating parties can safeguard information they send to each other. The sender encrypts, or scrambles, information before sending it. The receiver decrypts, or unscrambles, the information after receiving it. While in transit, the encrypted information is unintelligible to an intruder.
A digital certificate is an electronic file which contains personal information on its owner, such as the name and email address, as well as this owner's public key. A certificate acts as an identity card for each user; it will identify the user to all other participants, as does an ID in the physical world. A certificate is also the proof of ownership of a public key.
Certificates are issued by a Certification Authority (CA), which is responsible for their content. The CA signs the certificates it creates. This enables users to know what CA created each certificate. The signature also ensures that the certificate has not been altered by a third party.
You sign the electronic report with your own private key. This allows OLMS, which has your public key, to decode the report. Because OLMS is able to decode the report with your public key, and you are the only one who has access to the corresponding private key, it is proven that you really did encode (sign) it.
You can purchase an ACES (Access Certificates for Electronic Services) digital certificate through IdenTrust.
Individuals required to sign Form LM-2 may use either an individual or a business certificate.
The cost is $70.00 for an individual certificate, or $119 for a business certificate.
The certificate is good for two years.
No, the ACES digital certificate can be used with any U.S. Government agency that is participating in the General Services Administration's ACES program.
You can use Visa, MasterCard, or American Express.
Once the IdenTrust Certificate Authority has received your online application it may take up to 5-7 working days to obtain the ACES digital certificate.
After the Digital Signature has been properly installed, applying the signature is easy. Click the signature line. A pop-up should indicate “There are no errors in this form.” Click OK. Another pop up will indicate “The form is reyeady for signing. Click the signature again to sign.” Click OK and a red arrow should appear in the signature block. Click the arrow to apply the signature. Click Continue Signing… button in the pop up alert. Select the digital ID previously installed, and click OK. Click Sign and Save As to complete the form and save it with signature.
Once you have successfully signed the form, a green checkmark should appear next to the red arrow. The green checkmark indicates that the form has been signed, and there have been no changes to the form since the signature was applied. If any data in the form is changed after the signature is applied, the signature will disappear, and must be re-applied.
Last Update: 09/28/10