• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Security violation error (error code 2148532330) in Acrobat Pro XI with Windows 8

New Here ,
May 29, 2013 May 29, 2013

Copy link to clipboard

Copied

I have two certificates, physically residing on the same (Belgian) government issued smart card. One is labeled "Authentication" (Intended usage: sign transaction), and the other is labeled "Signature" (Intended usage: sign document). I have been trying to add a signature to a pdf document in Acrobat Pro XI (trial) on WIndows 8 Home (64 bit). It works perfectly with the "Authentication" certificate, but all attempts with the "Signature" certificate yield the following error:

Error encountered while signing:

The Windows Cryptographic Service Provider reported an error:

Access was denied because of a security violation.

Error Code: 2148532330

The only relevant difference between both certificates that I have been able to spot, is in the "key usage" field of the certificate ("sign transaction" versus "sign document"). Any thoughts on what might be wrong?

Thanks.

TOPICS
Security digital signatures and esignatures

Views

18.9K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
May 29, 2013 May 29, 2013

Copy link to clipboard

Copied

"Sign transaction" means that the certificate is used to sign digital signatures. "Sign document" (in Acrobat-speak) actually means non-repudiation (revocation check is required for this certificate, subject to user preferences). Certificates that I have, have both . "Sign transaction" and "Sign document" usage bits set. You canot sign with a certificate that does not have "Sign transaction" usage. I do not know what's the purpose of a certificate that has only Non-repudiation (aka "Sign Document") usage set.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 31, 2013 May 31, 2013

Copy link to clipboard

Copied

Hi,

I have the same problem. I've tested with Adobe Reader version 9.5, 10.1 and 11.0.3 and different OS versions  All versions give the same error.

This is also with a Belgian Eid card. Same behavior: can sign with authentication certificate, but not with signature certificate.

Any one knows a solution for this?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 04, 2013 Jun 04, 2013

Copy link to clipboard

Copied

Hey,

Problem is not linked to Adobe but seems to be a general problem with the Belgian eID and probably his middleware when accessing the certificate with KeyUsage=Non-Repudiation". You can easily reproduce he problem when signing a message under OUTLOOK (2010) and also with DigiSigner or PDF Sign & Seal from Ascertia. Need to find a contact at Fedict (the guys which have ownership of the Belgian eID middleware).

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

I assume you are implying "biztax" application here, right?

I have contacted their program lead, with no result at all.

Past days I have been searching for a solution - reinstalls / new systems - no solution.

This issue appeared a week or two ago only.

I found http://forums.adobe.com/message/5338853 useful - but no positive results either.

http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.

If anyone finds a solution to this issue, please do let me know - any help is appreciated.

Biztax tells to use the "signature", not the "authentication"  - but it is only Auth. that is showing up as option to sign (that works)

ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.

Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )

>  I noticed that when I try to open the pdf  document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader".    every piece of info helps I guess.

Obviously last version of Reader   11.0.03

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

Hi,

I actually got a very helpful response from the people at FedICT. They made me manually install the module C:\Windows\System32\beidpkcs11.dll from the Edit>Preferences>Signatures>Identities & Trusted Certificates menu (>Attach Module). I am now able to use the "Signature" certificate to sign documents in Acrobat XI Pro.

Great!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

Hi m-beck,

I tried to do the same - but Adobe Reader was unable to "sign in" to that module. Is there a known password for this?

Maybe it is not asking for one when using the Pro edition?

I use the free adobe reader.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

AAA_BE,

I can say that I had to be signed in to Windows with an account that has administrator rights in order to do what I described. Also, you could consider turning "Protected Mode" off in Reader (Edit>Preferences>Security (Enhanced)>Enable Protected Mode at startup [uncheck]).

m-beck

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

"Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )"

... is bullshit. As mentioned earlier, a similar access denied problem can be reproduced with other tools than the Adobe tool. Signing with OUTLOOK and third-party PDF signing tools produce similar error messages.

I opened a ticket at Fedict and will put their return on the forum once received.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 05, 2013 Jun 05, 2013

Copy link to clipboard

Copied

I did not completely understand what you mean - but you are saying that this is an issue completeley in the hands of fedICT right?

I have opened several mails, including to their chief - with no result.

Only response I have had so far was "Select the signature cert".  helpful.

Hopefully they can give you more useful information

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 13, 2013 Jun 13, 2013

Copy link to clipboard

Copied

Hi AA, John, Others that are searching

First off all I would like to thank you all for your troubleshooting and analysis, that gives me the chance to just read, pick up and jump into this...

since today we have the same issue. We can logon (authenticate) but are unable to sign a PDF. error code: 2148532330

Did someone, since its 8 days ago, get answer from FedICT? Then, how did you contact these guys because I just can't get true to their support line or lets say, to the support that would make sence to solve this issue.

Situation is like this:

Windows terminal server 2008 R2

people work with thin clients or laptops

IE 10.0.9200.16576

Adobe reader X

e-ID v4.0.4 142

I just updated adobe to version 10.1.7

Hope to get some feedback. If you need more info from me, please do not hesitate to ask.

kind regards

Rikke

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 13, 2013 Jun 13, 2013

Copy link to clipboard

Copied

Hello all,

I forgot to mention that I received a message from fedICT about the issue.

"follow this to make the problem go away"

It is utter bullshit if you ask me - I still think they screwed up with their own certificates / software - but it does work now.

I used this procedure earlier but it didnt work then. Now the hamsters in their servers started to do their job I guess.

So how do I upload a pdf in here with those instructions....

Nevermind - cheated a bit in imageshack and hopefully you can open this pdf: 

 

http://imageshack.us/photo/my-images/43/windowscryptographicerr.pdf

Click on that continue to media button on the topright.

Hope this helps

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 12, 2021 Jun 12, 2021

Copy link to clipboard

Copied

Good morning, i dont know if you resolved your problem because the problem is there since 2013 but i found a solution. I had the same problem.

And in fact, your card id has to be connetced to your pc.  And when you choose your signature, you have to put your pin code of your card Id on your connector.

The program says nothing but your connector ask your pin.

Nothing tells you to do that and it's the problem but if you see the connector you will see that ask you the pin code. 

Voila, how my problem "error code 2148532330" has been resolved.  🙂

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Mar 14, 2023 Mar 14, 2023

Copy link to clipboard

Copied

LATEST

What is a "connector"?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jul 04, 2013 Jul 04, 2013

Copy link to clipboard

Copied

I got the following answer from FEDICT which describes a workaround while they are working on an update of their middleware

U kan als tijdelijke workaround de volgende procedure volgen:

Onze ontwikkelaars zijn momenteel bezig met nieuwe installatiepakketjes te bouwen die deze nieuwe minidriver bevatten. We hopen deze zo snel mogelijk te kunnen  publiceren op onze website.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines