Adobe 22002486 Digital Signature User Guide - Page 112
When Timestamps Can't be Verified..
View all Adobe 22002486 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating Signature Timestamps 112 Note: The following steps add a timestamp certificate to your list of trusted identities. 3. Choose Show Certificate. 4. When the Certificate Viewer appears, choose the Trust tab. 5. Choose an item in the left-hand certificate path field. There may be one or more certificates which make up a certificate chain. Tip: If the bottom-most certificate on the chain is selected, then only that certificate will be trusted. If the top-most certificate is selected, then any certificates having that certificate as a root will be trusted. For example, if the root certificate is issued by VeriSign and it is trusted, then other certificates having VeriSign's certificate as the root (also issued by them) will also be trusted. It is a best practice to trust the topmost certificate that you are willing to trust. Revocation checking starts at the bottom of a chain (begins with the end entity), and once it reaches a trusted root revocation checking stops. 6. Choose Add to Trusted Identities. 7. When asked if the certificate should be trusted from within the document, choose OK. Figure 82 Revalidate signatures warning 8. When the Import Contact Settings dialog appears, configure the its trust levels. For details, see "Certificate Trust Settings" on page 35. The Policy Restrictions tab will not appear if there are no policies associated with this certificate. 9. Choose OK. 10. Choose OK. 11. Choose Validate Signature on the Date/Time tab of the Signature Properties dialog. The icon should change to a clock if the check is successful. 7.3.6.1 When Timestamps Can't be Verified. . . If a signature is timestamped but cannot be verified, open the Trusted Identity Manager and verify: A certificate is associated with the timestamp server. Verify the timestamp authority's certificate is in the certificate list. The trust level of the certificate is set. Choose a certificate and verify that the trust level is set for signing. The certificate must either be a trust anchor or be issued by someone whose certificate you have specified as a trust anchor.