Quantcast
Viewing all 4693 articles
Browse latest View live

Acrobat Reader DC fails to check Certificate Revocation List (CRL). How to fix?

October 4, 2016, 10:43 am
$
0
0

Hello everyone. I have installed Active Directory Certificate Services, with the web component.

I have deployed the CA certificate to the machines and i can effectively see the certificate in mmc being trusted.

I create a user certificate with MMC and sign digitally a PDF with acrobat reader DC. However acrobat complains that it can't check if the certificate has been revoked, with the following error:

Error when downloading the CRL list
Location: ldap:///CN=MY_CA_NAME,CN=SERVER_NAME,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Con figuration,DC=MY_DOMAIN,DC=com?certificateRevocationList?base?objectClass=cRLDistributionP oint 
Cannot connect to server.

However, on the same machine when using certutil -url with that complete ldap url, here's what i get:

I click the "recover" button with the CDP option checked (it's the default) and i do get both the base CRL and difference without errors. I do get a warning that says that the certificates or CRL have not been thoroughly checked because they may be incoherent or don't have the extensions loaded to allow a correct check.

The CA server is on win 2012r2, the client is windows 10 1607, however i have checked other clients. These are all in our company domain, with my domain user account.

Additionally, i can go to http://my_server/certsrv and i do get the website where i can check the CRL and it downloads correctly as well.

Note that i do NOT have the Online Responder role feature installed. I didn't install it because this same configuration seemed to work in a virtual 2012r2 server /win 7 client on virtualbox.

On my virtual server and client, adobe says that the certificate does not provide information on how to verify that the certificate has been revoked, but i really don't care about that, i only care than when i click on "verify signature" it says that it is VALID.

How can i fix this?

Search

How to allow adding attachments in addition to filling in form fields and signing existing signature field

October 4, 2016, 11:22 am
$
0
0

How to allow adding attachments in addition to filling in form fields and signing existing signature field while creating a secured pdf document?

Image may be NSFW.
Clik here to view.

Certificate e-signing only works once

October 4, 2016, 12:34 pm
$
0
0

I have several users who report that they are unable to sign more than one document at a time. We are using Smart Cards that hold the certificate and when we try a 2nd time to sign a document the field where we enter the PIN is missing. At this point we must close Adobe DC and restart.

Hoe werkt de digitale handtekeningen

October 5, 2016, 1:53 am
$
0
0

Ik wil graag gebruik gaan maken om digitaal handtekeningen te plaatsen, echter wil ik iemand erover spreken die nederlands praat omdat ik een aantal specifieke vragen hierover heb.

Acrobat DC not honoring Trust Manger Setting for Trusted Cert Updates

October 5, 2016, 9:21 am
$
0
0

Adobe Acrobat DC Classic version 2015.006.30201

Running on Windows 10 1607 x64

 

Problem is that when a digitally signed PDF is opened for the first time on a PC, the Trust Manager settings are not honored, and the user is prompted with the Trusted Certificate Install window.

Image may be NSFW.
Clik here to view. AcrobatDC_TrustedCertPrompt.jpg

 

The settings for Automatic Trusted Cert updates has been enabled and ask before updating has been unchecked as shown here.

 

Image may be NSFW.
Clik here to view. AdobeTrustedCertSetting.JPG

 

Is this a bug or is there another way to silently allow these certificate updates?

Receive a Secure Application

October 5, 2016, 11:27 am
$
0
0

I have a client that wants to upload an application to their site for potential employees. This document will be asking for personal information like social security numbers. My client wants all personal information to be secured/encrypted once it's been entered by the applicant—there is a submit button and signature field on the PDF. My coding skills are limited—to say the least—and I'm not sure how to go about securing information that is being entered by another party and being forwarded on.

 

Any help would be appreciated!

 

Thanks!

When attempting to digitially sign a PDF document with multiple signiture locations: Receive : Error encountered while signing. The Windows Cryptopgraphic Service Provider reported an error: One or more of the supplied parameters could not be properly i

October 5, 2016, 12:14 pm
$
0
0

Trying to sign multiple documents in side Adobe 11.0.17.  On the paperclip items I sign the documents, then when I sign the master document that locks the entire file I receive the following error:

 

- Error encountered while signing:

                                The Windows Cryptopgraphic Service Provider reported an

error: One or more of the supplied parameters could not be

  properly interpreted. Error Code: 2148532228

 

Has anyone experienced this, as I can not find this error code anywhere.

Image may be NSFW.
Clik here to view.

Signing with SHA 1 Certificate in Adobe Acrobat Pro DC

October 5, 2016, 1:01 pm
$
0
0

Hello,

 

I have a problem with a user trying to sign a document with their SHA 1 certificate, but for some reason the Adobe Acrobat Pro DC will not use it even if its being told to in the signature settings. Is there a reason for this? Is there compatibility issues with that old of a cert?

Search

How to password protect a document? T he Security tab under Properties does not allow password protection.

October 5, 2016, 12:39 pm

var dc = sh.directories[0].connect(); is not able to connect it is throwing error like

October 6, 2016, 7:45 am
$
0
0

Directory.connect:24:Batch undefined:Exec

Connection could not be established. Check your directory configuration settings.

Your help needed to solve this issue

my code

var sh = security.getHandler("Adobe.PPKMS");

// Connect to the directory containing the user certificates:

var dir = sh.directories[0];

var dc = dir.connect();

// Search the directory for certificates:

dc.setOutputFields({oFields:["certificates"]});

var importantUsers = dc.search({oParams:{lastName:"Smith"}});

var otherUsers = dc.search({oParams:{lastName:"Jones"}});

// Allow important users full, unrestricted access:

var importantGroup = {

userEntities: importantUsers,

permissions: {allowAll: true}

};

How do you set an expiry date on a PDF in Adobe Acrobat DC?

October 6, 2016, 9:06 am
$
0
0

I'm not overly familiar with the newest version of Adobe Acrobat DC and I need to set an expiry on a PDF due to copyright reasons. Would anyone be able to give me a quick step by step?

 

Thank you!

Image may be NSFW.
Clik here to view.

Unable to sign pdf

October 7, 2016, 2:07 am
$
0
0

I cannot sign PDF. Its greyed out! HELP , checked security settings and there are non and Signing is Allowed. So why can i not sign or why can i not enter any text? HELPPPPPP

how to insert a digital signature block for fillable form

October 7, 2016, 11:35 am
$
0
0

Just upgraded to Adobe Acrobat DC. How do I to insert a digital signature block for fillable form?

Image may be NSFW.
Clik here to view.

I cannot sign drawing

June 7, 2016, 10:13 am
$
0
0

When sign drawing, I always get following error message:

"The Windows Cryptographic Service Provider reported an error:

Keyset does not exist

Error Code: 2148073494"

 

Any idea what is wrong?

 

Thanks

 
 
 
 
 
 
 
 
 
 





Image may be NSFW.
Clik here to view.

Why is it so hard to find information about press print quality for flattening since security can easily be hacked?

October 9, 2016, 8:45 am
$
0
0

How do I protect my pdfs now? I sell my pdfs for printables and need to lock down the graphics and text while also allowing the buyer to print these up.

 

Currently the print shops my buyers use are slowly migrating to automated printing programs where the buyer needs to separate the pdf pages for these automated systems in order to put in print orders. In the long run locking the pdfs would only create more of a hassle with all this. These print shops only take pdfs. So flattening the pdfs seems the obvious way to go now to protect the graphics.

 

I need to flatten the pdf pages but the best quality press print quality so far has been with Powerpoint 2013 to Acrobat XI to print using print to image. I have been reading for days all the ways you can flatten here but many times it is with different versions of Acrobat and I am not able to follow the advice since it doesn't match up with my version. Also I have not found any of the suggestions that print up well of the ones I could follow.  I have made so many settings changes to test this all out too and it really is a Pandora's Box, I need to reset Acrobat and start over. Is there a reset button?

 

I bought Acrobat XI for the security and well I don't feel like Adobe is really addressing good options now that these passwords can be easily hacked on websites for free. All I get from Adobe after a clean install is a pop up that explains when I secure a document it can be unsecured. Ok Adobe, then what do we do now?

 

It sure would be nice to have a break down on this site of best settings for each version of Acrobat for press quality printing a pdf.

 

I did try the Sanitize and that seemed to do better than most of the other ways I had tried, but some of the outlines of the graphics are missing in spots.

 

I export from PP 2013 at 300dpi after a registry change and also checked in advanced settings "Do not compress graphics."

 

I added the Print Production button and some say use the Flattener Preview but really what settings should that be in if that creates the best print job?

 

I have gone into the Preflight but I really don't get how to set all these settings.

 

I have downloaded several pdfs on this site on how to use Sanitizer etc but none really address much. 

 

Perhaps Acrobat can't do a good print job and that is why the answers are so hard to find at this site? Any suggestions what would work better?

 

I have done the turn the pdf into tiffs in Acrobat XI and then combine the pdfs and it doesn't do a great job of printing. Also tried it with pngs and not so great.

 

I have done the saving as optimizing and not that great.

 

I have bumped the dpi in Acrobat XI to 600dpi and that did better but doesn't flatten it.

 

I have printed to Adobe Printer and that was not good at all.

 

When I use the old method of PP2013 to pdf the print job is good. Some how with all those layers it will print up fine. So I do think Acrobat has the ability to compress without so much fuzziness.Or is it PP2013 that is doing the better compression? It can compress from PP2013 no problem but when it has to compress again it just gets sloppy. When I click to save from a PP2013 I just click the Save As Pdf. I don't have to make a ton of setting changes to get a good pdf. Why should I have to in order to get a good flattened pdf?

 

Why should I have to scour all these threads for basic better printing settings for Acrobat XI, it really should have a place with this info easily found with a search, like Acrobat XI settings for press quality flattening and printing.

 

I paid for Acrobat XI to improve my productivity and spending so much time looking on these forums has not been that productive.

Search

Adobe Reader XI - OCSP revocation checker issue

October 9, 2016, 10:18 am
$
0
0

Hello,

 

I have 2 issues regarding the OCSP revocation checker integrated in Adobe Reader XI:

     1. I have encountered a issue when trying to validate a digital signature created with a qualified certificate and without adding LTV data in Document Security Store(DSS), the problem is as follows:  the PDF file contains only the signature without any Long Term Validation data and the local CRL cache was deleted in advance. According to Revocation Checking Quick Key ( http://www.adobe.com/devnet-docs/acrobatetk/tools/QuickKeys/Acrobat_SigRevCheck_KeyAll.pdf )  this scenario would imply that the revocation checking process would be skipped to the moment of online OCSP checking (this can be confirmed by log files), the problem is that OCSP revocation status is "Trouble" because "OCSP response was not signed by an authorized responder.". The OCSP responder's certificate has the same issuer as the certificate used to create the digital signature, and the responder's certificate is designated to sign OCSP responses by containing an ExtendedKeyUsage - OCSP Signing(1.3.6.1.5.5.7.3.9).

According to http://wwwimages.adobe.com/content/dam/Adobe/en/devnet/reader/pdfs/acrobat_reader_security _9x.pdf  (page 105) the OCSP revocation checker should authorize the responder according to the methods described in RFC2560, which includes the scenario presented in the last sentence.

To conclude, the Adobe OCSP revocation checker does not authorize the responder even if it is compliant with the RFC2560 (and RFC6960) responder authorization methods. Therefore, I strongly suggest reviewing the authorization process of the OCSP responder.

I mention that this issue occurs on a clean Windows 7 Professional SP1 x64 with Adobe Reader XI (11.0.17) freshly installed. No other configurations were made.

 

     2. I know that the time at which signature validation should occur can be configured as Signing Time or Current Time, and according to http://https://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#id keyname_1_15702 the following rule is applied for OCSP revocation checking:  thisUpdate - iMaxClockSkew< validationtime< checkTime + iMaxClockSkew where checkTime is the later of the producedAt and thisUpdate, and the iMaxClockSkew is the number of minutes the local machine time can vary from the response's published time(default 5 minutes).

Now considering this timeline moments: T1 < T2 < T3 < T4 < T5 , let's suppose that a certificate C was issued at T1, then a PDF document was signed with C at T2 without adding Long Term Validation data in DSS resulting signature S, the certificate C was revoked at T3, and the certficate C expires at T5.

The moment when I'm trying to validate the signature S is T4 and Adobe Reader has it's default signature validation time as Signing Time.

Omitting the iMaxClockSkew, the first inequality ( thisUpdate< validationtime ) would never be satisfied because thisUpdate represents the revocation time namely T4, and the validation time  is signing time namely T2. This scenario leads to verfication if T4 < T2, which will always be false according to the premise T1<T2<T3<T4<T5, resulting in an erroneous revocation checking.

 

If  the time at which signature validation should occur is configured as Current Time then another problem occurs when the certificate is expired at the moment I want to validate the signature because the Adobe_ChainBuilder stops the signature validation before the revocation process starts  (according to log files).

 

Can Adobe be configured to consider Signing Time for ChainBuilder and Current Time for OCSP revocation checker ? More specifically, is there any way to configure the OCSP revocation check process to be conducted as follows ?

1. ALWAYS validation time = current time

2. Send OCSP request

3. Receive OCSP response with thisUpdate, nextUpdate, certStatus and optionally revocationTime

4. If certStatus is Revoked then compare signing time with revocationTime

5. Else compare validationTime  with thisUpdate and nextUpdate.

 

 

Best regards,

Alex

 

Image may be NSFW.
Clik here to view.

Fill & sign feature not working

October 10, 2016, 8:21 pm
$
0
0

When I have a PDF open in Adobe Acrobat DC, I select 'Fill & Sign' and the page goes blank.

 

Then, if I click on the X and exit out of the feature, the page reappears but I cannot drop in my signature.

 

How do I get this function working again?

 

Thanks.

How do I add a signature into Adobe so I can paste my signature on signature lines? Thanks

October 10, 2016, 7:39 pm
$
0
0

How do I add a signature into Adobe so I can paste my signature on signature lines?

I am looking for digital signature that I can sign and seal forms that we submit to local government agencies.

October 11, 2016, 4:38 am
$
0
0

I am looking for digital signature that I can sign and seal forms that we submit to local government agencies. I would like to use my Adobe Standard XI that has a built in fill & sign – place signature option aready in it.  I need it to be publicly verifiable to anyone one that opens it in Adobe (signature verified). I attached an example of one that I have signed.

 

Here is the law that I must meet.

 

FLORIDA

CHAPTER 5J-17

BOARD OF PROFESSIONAL SURVEYORS AND MAPPERS

 

5J-17.062 Procedures for Signing and Sealing Electronically Transmitted Plans, Specifications, Reports or Other Documents.

(1) Information stored in electronic files representing plans, specifications, plats, reports, or other documents which must be sealed under the provisions of Chapter 472, F.S., shall be signed, dated and sealed by the professional surveyor and mapper in responsible charge.

(2) A license holder may use a computer generated representation of his or her seal on electronically conveyed work; however, the final hard copy documents of such surveying or mapping work must contain an original signature and raised seal of the license holder and date or the documents must be accompanied by an electronic signature as described in this section. A scanned image of an original signature shall not be used in lieu of an original signature and raised seal or electronic signature. Surveying or mapping work that contains a computer generated seal shall be accompanied by the following text or similar wording: “The seal appearing on this document was authorized by [Example: Leslie H. Doe, P.E. 0112 on (date)]” unless accompanied by an electronic signature as described in this section.

(3) An electronic signature is a digital authentication process attached to or logically associated with an electronic document and shall carry the same weight, authority, and effect as an original signature and raised seal. The electronic signature, which can be generated by using either public key infrastructure orsignature dynamics technology, must be as follows:

(a) Unique to the person using it;

(b) Capable of verification;

(c) Under the sole control of the person using it;

(d) Linked to a document in such manner that the electronic signature is invalidated if any data in the document are changed.

 

I tried sending this one to another worker this morning and on their workstation using Adobe it say that “at least one of the signatures has a problem” and “ signature validity unknown”.

 

Is there a way I can do this in Adobe Standard XI and have any other Adobe Reader see that the signature is valid?

 

Thanks,

Darte

darte@crosssurveying.com

 

digital sign to all page by one click

October 11, 2016, 6:20 pm
$
0
0

I have adobe reader DC installed on my client,

 

I heard that adobe reader can sign all page by one click before,

 

but I cannot find this function to sign all page easily, do you have any advise, thank you.

Viewing all 4693 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>