4 Replies Latest reply on Sep 16, 2015 7:57 PM by michaelw47219526

    Digital Signatures: General Questions

    DeclanDonnellyAblynx

      Hi,

       

      I am hoping someone can help me.  Please understand that i am new to this so I might sound a bit stupid. I have been asked to setup digital signatures (for our own internal use only) in my company and I am having some difficulties in doing so.  It took some time but I managed to get an internal CA up and running and now I have my own digital ID.  When I use this digital signature to sign a test document and send it to my colleague, he gets the following message:

       

      'Signers identity is unknown because it has not been included in your list of trusted identities and none of its parent certificates and trusted identities'

       

      The good news is that I managed to get past this error message on MY own PC.  In Adobe Professional, I went to Edit=> Preferences => Security => Advanced Preferences => Trust All root certificates in the Windows Certificate Store for the following operations => Selected 'Validating Signatures'     This worked.  I checked this up and it said:

       

      Windows Integration:

      Specify whether to trust all root certificates in the Windows Certificates feature when validating signatures and certified documents. Selecting these options can compromise security.   Note: It is not recommended to trust all root certificates in the Windows Certificate feature. Many certificates that are distributed with Windows are designed for purposes other than establishing trusted identities.

       

      My problems is that I don't know how to get rid of this error message using another solution.  What are the drawbacks of having this selected?

       

      The second error message I get is as follows:

       

      'Signature is valid but revocation of the signer's identity could not be checked'

       

      Again I am able to solve this by going to Edit=> Preferences => Security => Advanced Preferences => UNTICKING 'Require certificate revocation checking to succeed whenever possible signature verification'  When this option is unchecked the error goes away and my signature is fine.

       

      We are using signatures for internal use only so is  revocation checking necessary?

       

      Thanks in advance if anyone can help.

       

      Regards,

       

      Declan

       

      P.S I have it working but to be honest, I don't know why!! :o) :o) :o)

        • 1. Re: Digital Signatures: General Questions
          michaelw47219526

          I also have an issue with the digital signature. I have used the same signature for my business since 2003. Now all of sudden it doesn't sign the documents as it did beforehand, I spent 7 hrs last night trying to sort it out even with technical support. I'm demanding my monies to be return. not because it does do want it to do, because I sick to death of software companies like Adobe who promote the product but fail to inform people what changes have applied to the new versions, plus since I down loaded the upgrade my internet explorer now work extremely slow. I feed up with software companies using their customers as guinea pigs whilst charging the customer for the privilege. After spending nearly 2 hrs with customer technical support until 1.35 am in the morning a losing valuable time & monies they want me to continue to contact them to sort the issue out. Not going to happen. Adobe can get off its backside and fix the issue. I also see that securing the document also has different features in it. You can secure the document but it still allows others to alter it, what joke.

           

          All adobe are interested in money grabbing schemes they have become a big disappointment for such a powerful software program. I also doubt they give a toss either since they have haven't answered your question either. I will be looking to see if the ACCC can take the issue on today. 

           

          one very annoyed customer

           

          Michael.  

          • 2. Re: Digital Signatures: General Questions
            IsakTen Level 4

            It'd be nice if instead of venting on this forum which is mostly answered by technical people (many non-Adobe)  who have next to none influence on getting your money back (or in addition to venting) you've also provided specifics of what's going on.

            First, learn and use correct terminology. You are not "using the same signature". You are using the same signing certificate to sign many signatures. Please, provide detailed description of your workflow and experience, indicating what's going on wrong. Do you get any alerts, UI indicators, etc.?

            One possibility is that your certificate has expired. Each digital certificate has a validity period and cannot be used outside its range. Are you using a self-signed certificate that you created in Acrobat or have you procured it from a Certificate Authority (CA)? Have you installed your certificate in the Acrobat store (Digital IDs) or Windows store (if you're on Windows) or keychain (if you're on Mac)?

            Which product (Acrobat/Reader) do you use? Which version, including minor? Which platform (Mac/Windows), which OS/version/SP?

            Examine the store in which your signing certificate is installed and examine your certificate. My bet is that it has expired. If this is the case you need to procure a new signing certificate (either create a new self-signed one or procure it from a CA).

            • 3. Re: Digital Signatures: General Questions
              IsakTen Level 4

              The better way to do get your signatures validated is to use Acrobat facilities not Windows facilities. When you have a signature that is not trusted, right-click on the signature, select "Show Signature Properties" and then "Show Signer's certificate". In the Certificate Viewer that comes up. select the root (top) certificate in the left pane and then click on the Trust button in the right pane. Then click on "Add to Trusted Identities". When you do that be sure that you know who the root is and that you really trust it.

              • 4. Re: Digital Signatures: General Questions
                michaelw47219526 Level 1

                First a foremost I wasn't venting anything. The Adobe signatures has changed, I spent many hours after that post with technical support from Adobe, they couldn't fix it, I have had experienced managers on the phone to me for over a week, In the end I been given a full refund, I have never used windows signature. I also have made it clear if adobe get it right I will upgrade to Adobe Acrobat DC again. Adobe need to fix the issue and not at the expense time of it customers.