Skip to main content
T
Ted22378497iepu
Participant
August 11, 2022
Question

Trust ALL root certificates in the Windows Certificate Store for: - NOT WORKING!!???

  • August 11, 2022
  • 4 replies
  • 3940 views

Hi Adobe Support

 

I work for a fairly large organization and with the update to Adobe Acrobat Reader 2020.005.30362 (classic track) we encountered an issue with verifiying signing certificates. 

 

Under EDIT>:Preferences>Signatures>Verification -> Click "More"

 

At the bottom of this window is the Windows Integration section where you can set Reader to search the Windows Store for validating signatures. ->THIS FEATURE IS NOT WORKING WHEN PROTECTED MODE IS TURNED ON! 

 

This feature should still work with Protected Mode turned on. 

 

We had to manually import our trusted root certificate. We have major concerns if we start asking each user to do this. 

 

Questions: 

1. I know there is a Known issue close to this but it is poorly worded on the Adobe Website . It reads : 

  • Problem: Unable to digitally sign a PDF in the browser when Protected Mode is enabled in Acrobat Reader on Windows 10 version 20H2. [4325829]
  • Can more information about this issue be provided. Is this what is causes our Adobe Reader not to ingetgrate with the Windows Certificate Store?

2. Are there plans to resolve this issue in a later release of Adobe Reader 2020?

3. Was there a change in the release of 2020.005.30362 that caused this issue? ie: were you guys trying to address another security issue by making people manually import their root certificates?

4. Reader 2020 has quite a number of issues with it. Could I ask how much longer you guys intend to support Adobe Reader 2017? End of life was supposed to be in June but an update for it was released this week. Whats going on?

 

The windows integration settings should work as labelled. If they dont, there should be an item in the known issues section. 

 

Thanks for your help with this....

 

Ted

This topic has been closed for replies.

4 replies

J
JWhetstone02
Participating Frequently
August 9, 2023

This latest update released for the Classic Track, 20.005.30514, fixes the issue where root certificates from the Windows Store are not being trusted with Protected Mode enabled. Our users can now digitally sign and validate their digital signatures with Protected Mode enabled. Finally.

Meenakshi_Negi
Meenakshi_Negi
Legend
August 10, 2023

Hi JWhetstone02,

 

Thank you for updating us about this. Glad to know the update worked for you.

Let us know if we can be of any further help.

 

Thanks,

Meenakshi

 

 

Marking a reply or response “Correct” will help future users with the same issue quickly identify the correct answer.

J
JWhetstone02
Participating Frequently
April 12, 2023

So I had a ticket opened with Adobe on this issue back 2 month ago. They collected logs and and sent ir off to their engineering team. This was my response for asking for a timeline 

 

"The ETA for bug # ADC-4392895, on the other hand, is March 2023"

 

Well the next update has been released for the Classic Track, 20.005.30467 and this update does not fix this issue! This is starting to get frustrating from an Enterprise level with all the Digital Signatures required. This issue is not present in the Continuous Track, which we are not looking to move to for the time being.

Meenakshi_Negi
Meenakshi_Negi
Legend
April 12, 2023

Hi JWhetstone02,

 

Thank you for reaching out, and sorry about the trouble caused.

 

We have checked the bug number shared above. 

I am afraid the issue is still unresolved, and the team is still working on the fix.

We will update you once the issue is resolved.

 

Thanks,

Meenakshi

J
JWhetstone02
Participating Frequently
October 12, 2022

This new version 20.005.30407 (planned updated Oct. 11) does not correct the issue either. How are users supposed to validate signatures when Reader nor Acrobat can intergrate the Widnows Certificate store for validation?

 

Importing certificates on 10,000+ machines is not an option we are willing to exercise when the feature within Acrobat & Reader should work as labeled "Trust ALL root certificates in the Windows Certificate Store for:" Validating Signatures

J
JWhetstone02
Participating Frequently
September 21, 2022

I can confirm this issue is present in our enviroment as well. Root certificates from the Windows Store are not trusted with Protected Mode enabled and none of our signatures will validate form our CA. This is happening on version 20.005.30382 on both Windows 10 & 11 21H2.

 

I can resolve the issue by doing either of the following

- Disable Protected Mode

- Install version 20.005.30334 or earlier

 

Neither solution is acceptable on our end from a vulnerability & security standpoint.

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices