Certificate CA recently removed from AATL?

Report · Feb 08, 2017

Hi,

we been using Certum certificates to sign PDF documents. Recently I noticed the Certum CA was removed from the AATL?

So I have got the following questions @ Adobe:

1) Is there a way, to validate signatures with Certum certifcates signed in the past?

2) Which certificates are guaranteed not to be removed from the AATL to avoid such a disaster in future!

Thank you & regards

--Volker Paulsen

Report · Feb 10, 2017

Hi volker.paulsen,

Could you please visit the following link and confirm the CA you are referring to:

Adobe Approved Trust List Members, Acrobat

Report · Mar 08, 2017

He is referring to Certum by Unizeto (now assesco). I have the same problem.

Report · Mar 18, 2017

Hi felixlebel,

As I checked on this page: Adobe Approved Trust List Members, Acrobat , Certum is still there in AATL.

Report · Mar 21, 2017

I signed on 2016.03.21 a document that was showing as valid and certified at that date. When I reopen the document today, it says "Signature Identity is Unknown, not included in trusted list, etc", when it was in your trusted list at that date.

Here is my public certificate that I used to sign the document;

-----BEGIN CERTIFICATE-----

MIIHCDCCBfCgAwIBAgIQXBuypsEaS4wSvabtgBpW4TANBgkqhkiG9w0BAQUFADB4

MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B

LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRwwGgYD

VQQDExNDZXJ0dW0gTGV2ZWwgSUlJIENBMB4XDTE2MDgxNjIwMzEwMVoXDTE3MDIw

OTA2MTYwNVowejELMAkGA1UEBhMCQ0ExFDASBgNVBAoMC0ZlbGl4IExlYmVsMRcw

FQYDVQQLDA5QZXJzb25hbCBVc2FnZTEUMBIGA1UEAwwLRmVsaXggTGViZWwxJjAk

BgkqhkiG9w0BCQEWF2ZlbGl4bGViZWwxQGhvdG1haWwuY29tMIICIjANBgkqhkiG

9w0BAQEFAAOCAg8AMIICCgKCAgEAqNsuL5iMFiZlv8OE29ib0X3ETwsGRzBujKqO

D9VxD9dNl0GVuHerKQroxkRquphnSwEfzgpIsJRPdTsZ4c8QDiq8P4egfgWFQbSL

aajiNnWGa+oymeXOSe8/iRgS7+fJgv3TfK1XgROywGcR9eQ3D97BpWZYsAPMOc1R

PSUCCSuF2hGpYfOjAL1IbF9LW30FZW5ybzkCnArMSLsbspy6ImDkI3GhCl2Gy5zB

SmGBcgJJf5I9j/xk26dTEtzWURMca+wxRuIbwlZIzaXdT7BiOXA4lqivaCP8jKCt

rT73jMQqEo7CPl8ksx0lIRICzHPIj31Yfr8ahy0+cspYpdMJ5oNCdcnwtdI7jmW/

v9DkFEUegd67a0E2RPvZFqxWZEhnt40s3rCv3TO/RI+7WArkdQsiPpl0wtM7wWHo

x8urdreUzJ3pN2JMNFSQDazQggq8of7BVwTtGQ6miCTellZ8fy+eVZDlzXkEihTr

+Tfzct4Cy7R9izXEATNDqH3L/UhLQaeeGLrXh00GcCZ3AD57+2yQ4AKzO/XBJ5Yw

NVDRiIDAiPiHZvva65Y+jVVyWECR2p02Yj0gT8d6JQDRX7U54s/eenEQvzF76wbl

E5ijq1JPHkCEaWFJm2Gf0kNON+B5DvW1PAwByYLbtl6NIiWfh6csSsfimM2RVRpY

D7WwaAsCAwEAAaOCAoowggKGMAwGA1UdEwEB/wQCMAAwLAYDVR0fBCUwIzAhoB+g

HYYbaHR0cDovL2NybC5jZXJ0dW0ucGwvbDMuY3JsMGEGCCsGAQUFBwEBBFUwUzAh

BggrBgEFBQcwAYYVaHR0cDovL29jc3AuY2VydHVtLnBsMC4GCCsGAQUFBzAChiJo

dHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvbDMuY2VyMB8GA1UdIwQYMBaAFATJ

2prcSkl3rzADBGYux87y+Bd9MB0GA1UdDgQWBBRza0bUAao5x7Dfox/9dIT2Mbs2

UTAOBgNVHQ8BAf8EBAMCBPAwggE9BgNVHSAEggE0MIIBMDCCASwGCiqEaAGG9ncC

AgMwggEcMCUGCCsGAQUFBwIBFhlodHRwczovL3d3dy5jZXJ0dW0ucGwvQ1BTMIHy

BggrBgEFBQcCAjCB5TAgFhlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMAMCAQEa

gcBVc2FnZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN0cmljdGx5IHN1YmplY3Rl

ZCB0byB0aGUgQ0VSVFVNIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50

IChDUFMpIGluY29ycG9yYXRlZCBieSByZWZlcmVuY2UgaGVyZWluIGFuZCBpbiB0

aGUgcmVwb3NpdG9yeSBhdCBodHRwczovL3d3dy5jZXJ0dW0ucGwvcmVwb3NpdG9y

eS4wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGCWCGSAGG+EIBAQQE

AwIFoDAiBgNVHREEGzAZgRdmZWxpeGxlYmVsMUBob3RtYWlsLmNvbTANBgkqhkiG

9w0BAQUFAAOCAQEAeOaKT3hEzDUcHNXa5lqquKTMQUE8L4P3q+pjaTUgOIj61SKY

b6kMPa1RcfGeDR6FaOMn2pvwneIa59xTTv7whYcygRcnLs1gxW6Lyz6Iu8oehWQ8

91n7q3XPr+3gzJ1Fnyl2BMZNWckw7OjNtwLthCMYbLzDGsTP8WAJSW8EV08lkMfF

KSwgsXSfM1zAcU7SNSquMZqOrGI1OwJnGkEHNfX8kwbz1KUKULEaudxEFPSTBKXD

o8B3g4fNu7c9Ldc4xbRUPZarg2ljk9BQmYXQUMbtaaFo2ECMT61p7/GMC3jIJlsp

dlSJzP+agSReu0VdOLXe/thCOtv3EDC7QWs7VQ==

-----END CERTIFICATE-----

It was fully valid a few months ago. Have you removed the root certificate from the AATL? Have you not publicly announced this?

I am currently awaiting a call from adobe from "the highest support level" to get this fixed.

Report · Aug 28, 2017

ear Sir or Madam,

As required by Adobe Systems Incorporated, electronic certificates whose private keys are not installed on external media (USB, SSCD, etc.) are no longer validated in Adobe® Acrobat® and Adobe® Reader.

As a result of this change, our Certum ID certificates are no longer recognizable as trusted by the company's software.

At this time, the only electronic certificate issued by CERTUM, which is considered to be trusted in Adobe software, is the qualified certificate.

In the future, we plan to implement ID certificates that can be installed on a virtual card. Such certificates will be recognizable as trusted by Adobe.

Adobe Community

Certificate CA recently removed from AATL?

1 Correct answer