1 Reply Latest reply on Mar 13, 2012 6:40 AM by SForrest96

    Understanding Digital Signatures on ES2

    andrehoang Level 1

      I know that JBoss uses the default ports 443 or 8443.

       

      I am with technical support for a global company and trying to troubleshoot why some users are unable to hit the the digital license server to authenticate before the PDF document opens. I noticed that some users who connected from home was able to open the document then come back to work and was able to open up other documents but after they authenticated successfully. We noticed this issue after the vendor upgraded to ES2 from ES.

       

      Error:

      This computer must be connected to the network in order to open this document. Your permission to open this document offline has expired. Make sure this computer is connected to the network and the Adobe LiveCycle Rights Management Server is running.

       

      My questions:

      Is there a range of ports that Adobe LiveCycle uses?

      Once authenticated with Adobe LiveCycle server, do a digital certificate downloads to the local machine?

      Does the certificate have a timeout or valid date before it expires?

      Why am I able to connect to the JBoss server one day then not able to the next day? The error above when not being able to connect.

      Any ideas on where we should start troubleshooting?

        • 1. Re: Understanding Digital Signatures on ES2
          SForrest96 Level 4

          andrehoang wrote:

           

          I know that JBoss uses the default ports 443 or 8443.

           

          I am with technical support for a global company and trying to troubleshoot why some users are unable to hit the the digital license server to authenticate before the PDF document opens. I noticed that some users who connected from home was able to open the document then come back to work and was able to open up other documents but after they authenticated successfully. We noticed this issue after the vendor upgraded to ES2 from ES.

           

          Error:

          This computer must be connected to the network in order to open this document. Your permission to open this document offline has expired. Make sure this computer is connected to the network and the Adobe LiveCycle Rights Management Server is running.

           

          My questions:

          Is there a range of ports that Adobe LiveCycle uses?

          No, Acrobat or Reader communicates with the RM server via HTTPS, the URL of the RM server that the document was protected witrh is embedded in the PDF.  If this url is unreachable, or if the SSL certificate is not trusted the connection error can occur.

           

          Once authenticated with Adobe LiveCycle server, do a digital certificate downloads to the local machine?

          Rights Management uses symmetric AES keys to encrypt\decrypt the document not x509 based asymmetric key parirs.  The AES key is delivered to the client over HTTPS, userd to decrypt the document on the client and then discarded

           

          Does the certificate have a timeout or valid date before it expires?

          No, Rights Management uses symmetric AES keys to encrypt\decrypt the document

           

          Why am I able to connect to the JBoss server one day then not able to the next day?

          Network issues?

           

          The error above when not being able to connect.

           

          Any ideas on where we should start troubleshooting?

          1) Determine if the problem occurs with a specific version(s) or Reader and or Acrobat

          2) Try to access the URL of the RM server via a browser to determin is there are any security warnings about the certificat used to establish the SSL connection.  If there are warnings, Acrobat and Reader will be unable to connect as there is no way to dismiss\bypass the warning like there is in a browser

           

          Regards

          Steve