Not possible in Acrobat.com.
So if we have 100 public keys, each user has to open each public key, one at at time, and set the trust settings?
[discussion moved to Acrobat forum]
Yes, each user has to choose to trust each individual certificate. It would be a significant security hole otherwise.
This was the answer I was hoping not to get. Thanks for your reply.
You’ve been led astray, you can export (and ultimately import) trust settings. There is a bit of caveat on the import side, but I’ll get to that later.
There are four file types that you can export a Public-Key Certificate (PKC) as, two of which are generic for any PKC enabled app, and two that are specific to Acrobat (and when I say Acrobat I mean both Acrobat and Reader).
The first generic form is as a .CER file. The thing about a .CER file is it can only contain one PKC. The second generic format is as a .P7B or .P7C file. The advantage to this format is the file can contain all of the PKCs in a chain (e.g., Root CA, ICA, end-entity). Both the CER file and the P7 file are highly portable, but these file types don’t have a mechanism for including trust settings.
There are two file formats specific to Acrobat that do include trust settings, the first is the FDF file and the second is the Acrobat Security Settings file. When you create an FDF file that contains PKCs you have the option to sign the file. If you want the trust settings to be imported by the person you share the file with; a) you have to sign the file, and b) the file recipient has to have already trusted the signer, and then select the checkbox to import the trust settings assigned by the signer.
The problem with the FDF file is the recipient has to manually set trust for the FDF signer and that leads to a bootstrap situation that make this file format less than ideal. That problem has been solved with the last file format, which is why I left the best for last. The Acrobat Security Settings file must be signed, but if the recipient doesn’t already trust the signer they have the option to assign trust as part of the import process, and thus the trust settings get imported.
I hope this helped,
Thank you for that correction.
Thank you so much for your response to this question. I have tested exporting the trust settings with the Acrobat Security Settings file and it works great!
Thank you for your help with this,