Each Digital Certificate has a pair of private and public keys used for encryption/decryption. The private key belongs to the certificate owner and should be kept secret. It is protected by a password. The public key can be used by anyone. Digital certificates come in two flavors: one that contains both private and public key and one that contains only public key.
When you create a digital signature the signing process uses the private key to encrypt the signed content digest and the public key is used to decrypt it. So, only you can encrypt signed content with your certificate that has both private and private keys and anyone can decrypt it to validate the signature using certificate that has only public key. Usually, this certificate with the public key only is embedded in the digital signature, so that anyone can use it for decryption.
The .cer certificate contains only public key. Certificates with both private and public keys usually have extensions .pfx or .p12. You need one of those to sign.
CAcert.org issues only public key certificates. so you cannot use its certificates for digital signing.
Adobe is not a general purpose certification authority. It issues some certificates for internal use only.
Acrobat has a feature that allows you to create so-called self-signed certificates with both private and public keys but these certificates can be used only in a limited way. They do not provide the means to authenticate the real certificate owner nor revoke a certificate if it is stolen.
Generally, a digital signature asserts three main features:
1. Document integrity (document has not been changes since it had been signed),
2. Authentication (the signer is indeed what the certificate says)
3. Non-repudiation (the signature author cannot deny that he signed it: this is achieved via certificate revocation mechanism).
A self-signed certificate (of the type that Acrobat produces) can be used only for #1. It cannot be used for ##2 and 3. The latter two come only when a certificate (with private key) is issued by a reputable Certificate Authority which is trusted (like VeriSign, Symantec, etc.).