Welcome Dialog

Welcome to the Community!

We have a brand new look! Take a tour with us and explore the latest updates on Adobe Support Community.


Adding a CRL file to the cache

Explorer ,
May 20, 2020 May 20, 2020

Copy link to clipboard

Copied

Is it possible to add a CRL to the Acrobat cache (the \AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache directory )? I have the CRL file I nedd and I can copy it to the directory. What I need is to change its name, but I don't know how to find the correct name - every file in that directory has name looking like a hash (it is not a hash of the file). Any ideas ?

TOPICS
How to, Security digital signatures and esignatures

Views

664

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Explorer , May 22, 2020 May 22, 2020
OK. Problem solved. The name of the file is the hash (SHA1) of the CRL distribution point from the signer's certificate. 

Likes

Translate

Translate
Explorer ,
May 22, 2020 May 22, 2020

Copy link to clipboard

Copied

OK. Problem solved. The name of the file is the hash (SHA1) of the CRL distribution point from the signer's certificate. 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
May 22, 2020 May 22, 2020

Copy link to clipboard

Copied

Hi barthmaul,

 

Just a word of advice , SHA1  is basically deprecated.

 

Consider these notes:

 

https://isc.sans.edu/forums/diary/SHA1+Phase+Out+Overview/20423/ 

 

 

https://en.m.wikipedia.org/wiki/SHA-1 

 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
May 23, 2020 May 23, 2020

Copy link to clipboard

Copied

I know it is deprecated, I was even using a tool to create two different PDF files with the same SHA1 hash. But in this case the SHA1 is used just to create the correct name for the file in the CRLCache. That souldn't be a problem because if you put a false CRL file, the application will not accept it. 

And what is most important - It is not my idea, this mechanism is built in the Adobe Acrobat (I could not find the description of it, so I was doing some tests and I found the correct answer). 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
May 18, 2021 May 18, 2021

Copy link to clipboard

Copied

LATEST

The current state of cryptanalysis against the SHA-1 algorithm allows for collisions, but not for pre-images.

This means that SHA-1 is not secure anymore for digital signatures and other security applications, but it remains acceptable for integrity verification and file indexing (like this use case).

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines