Error 2148073513 When Attempting To Digitally Sign In Acrobat 11 Standard

Report · Feb 19, 2013

I'm attempting to use Acrobat 11 Standard to digitally sign a PDF document with a 2048 bit certificate from our internal certificate authority, and I'm receiving the following error:

Error encountered while signing:

The Windows Cryptographic Service Provider reported an error:

The requested operation is not supported.

Error Code: 2148073513

The operating system is Windows 7 Enterprise x64. When I remove Acrobat 11 Standard and install Acrobat 9 Standard on the same Windows 7 system, I am able to successfully sign the document using the same certificate that was giving the error with 11. Also we have been using Acrobat 9 on Windows XP with these same certificates for a long time and never encountered issues with digitally signing.

Any ideas of what might be causing this issue?

Thanks in advance

Josh

Report · Feb 26, 2013

Hi Steve,

Well I think I have some good news to report. After I asked our PKI group about getting a test certificate for you, they advised me that patch 17330 just came out for Entrust Security Provider 9.2 and that it supposedly provides support for Acrobat 11. I went ahead and applied the patch and after doing some cursory testing, it appears to be allowing me to sign with 11 now. I'll do some more in-depth testing to confirm the result but just wanted to give you an update.

Thanks

Josh

Report · Feb 26, 2013

Hi Josh,

That's what I figured. Once third-party software gets involved we can't control what's happening. In fairness to Entrust, they don't see the problem until they get their hands on the shipping version of Acrobat just like we don't see the problem unless we've set up an Entrust-centric environment.

However, I am relieved that a solution is in sight.

Steve

Report · Feb 28, 2013

This is completely absurd. Signing documents with a photo of my signature was my favorite feature of Adobe Reader X. The above is way too complicated for anyone to possibly navigate except for advanced computer users. Do you think anyone at a title company will be able to figure the above out? This needs to be far easier.

1) Don't remove the 'Sign' button. Make it so that it asks for the information the app needs instead of disappearing completely. When it's gone, the user has no idea what to do other than dig around on forums like this one to realize they are going to have to go back to printing, signing and scanning again. Managing certificates is a huge headace and most IT professionals don't get it right. What makes you think your average user will be able to?

2) Make the signature tied to your adobe login. If you are signed into the Adobe service, have the server set up all of the certificates and your login verifies your identity. This way, Adobe gets you to sign in every time you sign a document. Adobe can then collect all sorts of cool telemitry that is disclosed in the EULA no one ever reads.

This is a huge step backwards. Please fix this soon. I came to rely on the sign feature to execute documents painlessly, and now my whole business is much more painful because this feature is gone and I'm back to spending money on paper and ink that I wasn't before.

Report · Feb 28, 2013

Hi John,

I don't think you posted your response/request to the correct thread. It seems a bit out of context with tracking down CAPI errors when using Entrust Security Provider.

Steve

Report · Feb 25, 2013

Steve,

I tried deleting the Security key under Current User, relaunched Acrobat 11 and received the same error when signing.

Thanks

Josh

Report · Feb 25, 2013

Hi Josh,

If you double click on the .reg file you exported it will start the import process to get things back to where they were before you deleted the key. All you have to do is click the Yes button on the confirmation dialog and the the OK button and all will be back to normal.

Of course that doesn't fix the problem. I was just going over this with one of my co-workers. One thing we are curious about is if you can sign in a different application, but it has to be an application that used CNG.

For example, can you sign a Word doc using Office 2010 (the earlier version use CAPI). We are at the point that we need to be able to duplicate this in house. Is there some way we can get a test digital ID from Entrust Security Provider 9.2?

Steve

Report · May 21, 2013

We are currently experiencing the same issue.
The issue occurs in Windows 7 in both Adobe Acrobat XI and Adobe Reader XI, neither in Adobe Acrobat X (and previous) nor Adobe Reader X (and previous).
I found out that signing works in both Adobe XI when it is run in Windows 7 under Windows XP compatibility mode.
So I guess the issue is in the Adobe product.

Report · May 27, 2013

Hello Steven,

I'm trying to insert a signature. Adobe shows the following message:

The service provider's encryption windows reported an error:
The handle provided is invalid.
Error code: 2148073510

Can you help-me.

We are using Windows 7 and a trial of Adobe XI.

We need to buy some licences of Adobe ..... but ....

Thanks

Report · Sep 29, 2014

We are currently experiencing the same issue.

Windows 7 SP1 up-to-date (32 and 64 bits) / Adobe Acrobat PRO XI (11.0.09)

Windows XP compatibility mode doesn't fix the problem.

We can digitally sign Microsoft Word documents without trouble but not with Acrobat Pro 11.

We have the issue on all computers using Acrobat Pro 11.

Is there a fix to apply ?

Thanks.

Herve.

Report · Sep 29, 2014

Hi Herve,

Are you using Entrust software, or, a program from other than Microsoft to manage your digital IDs?

Thanks,

Steve

Report · Oct 03, 2014

Hi Steve,

We don't use Entrust or others softwares than Microsoft Windows to manage certificates or digital IDs.

Compatibility mode : KO

Export certificate and import inside Adobe Pro 11: KO

What can we do now ?

Thanks.

Herve.

Report · May 14, 2016

Any solution? I am trying to sign a Dept of Defense form using Adobe Acrobat Reader DC (File version: 15.016.20039.54196) but I receive this error code. I have tried all steps provided in this thread including turning off default signing, requiring revocation checks, trying to export my certificates (Common Access Cards do not support this), and Ellen Swift's method to update certificates in Windows' Control Panel. I have ActivClient and Silanis e-Sign installed. I do not know what Entrust is and probably don't have it. I habitually use my CAC to access government websites and sign documents online and locally using MS Word 2013. My Windows version is Windows 7 Professional SP1. Attempting to sign results in the following popup:

"The Windows Cryptographic Service Provider reported an error:

Key does not exist.

Error Code: 2148073485"

Report · Oct 16, 2014

[Resolved for me] I encountered the same error just yesterday and I found this thread just now. Though Steve's troubleshooting guide did not work for me either, his explanation (and error message itself) gave me the idea that the problem is really not with acrobat. This solution may not work for all as you'll really need a Smart Card/Active key or any device that contains a copy of your certificate for it to work. So here's what I did:

Insert Smart Card/Active Key;
Go to Control Panel > Manage file encryption certificates;
Click Next on the Wizard;
Tick "Use this Certificate" (If grayed out, the "Select Certificate" Option should still be clickable. Use that);
This should take you to your Smart Card/Active Key. Login as Necessary;
Click Next when your Certificate is Loaded;
When you get to the "Update your previously encrypted files" window, check "All Logical Drivers" and make sure you also update encrypted files to be safe;
Once you click Next, Windows will update your certificates.
After completion, launch Adobe and sign away

Hope this works for you guys as well, Good Luck! 🙂

PS - so happy this worked, I just had to take the time to register for an account and post this here. lol

PPS - I also did the regedit and did not went back to my original settings when I did my TS. Not sure if still relevant.

Report · Feb 11, 2015

Entrust users may also wish to look at this dialog: "Debugging Error Code: 2148073513". Entrust ESP 9.2 + Entrust ESP Service Pack 1 solved the problem for me.

Report · May 14, 2016

hello!

i have the same problem when i try to sign a document

windows cryptographic service provider reported an error

key does not exist

Error code: 2148073485

i use Acrobat Reader DC on Windows 10.

Report · May 19, 2016

I have exactly the same error. It seemed to start after the Microsoft security patches for May 11, 2016. Here are my details:

I am using a smartcard token from IdentTrust with SafeNet Authentication Client on a fully patched Windows 7 Professional. The certificate is valid until 2017.

I tried the following (basically the suggestions above (Error 2148073513 When Attempting To Digitally Sign In Acrobat 11 Standard ) and nothing worked:

Check for Acrobat updates (none available)

Repair the Adobe Acrobat DC installation from the Acrobat Help menu

removing the certificates from Windows

Installing the certificates into the Adobe trusted root store

Unchecking the option to require revocation checks

Testing the certificate on an external webserver with IE works

Signing a document with Microsoft Word works.

Please help.

Report · May 19, 2016

Everything was working last month using Reader DC. It then broke. DoD CAC and IdenTrust ECA certificates work with all other applications. Adobe stopped working.

How do I get this function back?

Report · May 22, 2016

We published a KB article related to this issue just a while back.

Windows cryptographic service provider error | Key does not exist, error code 2148073485

While we investigate it further, the workaround provided in the article should help.

"Check with your signature device or driver manufacturer for an updated driver that may resolve this error.

If the requested hashing algorithm is not supported by the signature device, then the solution is to set registry key aSignHash to SHA1 as described on this page -http://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#Signing:Ha shAlgorit.... However, this is not a recommended approach as this would set SHA1 as the default hashing algorithm for all signatures, which is considered deprecated industry wide. Therefore, Adobe strongly recommends checking with your signature device or driver manufacturer to get a newer device or driver that supports SHA256 or higher hashes."

Report · May 22, 2016

Hi Claudiu

We published a KB article related to this issue just a while back.

Windows cryptographic service provider error | Key does not exist, error code 2148073485

While we investigate it further, the workaround provided in the article should help.

"Check with your signature device or driver manufacturer for an updated driver that may resolve this error.

If the requested hashing algorithm is not supported by the signature device, then the solution is to set registry key aSignHash to SHA1 as described on this page -http://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#Signing:Ha shAlgorit.... However, this is not a recommended approach as this would set SHA1 as the default hashing algorithm for all signatures, which is considered deprecated industry wide. Therefore, Adobe strongly recommends checking with your signature device or driver manufacturer to get a newer device or driver that supports SHA256 or higher hashes."

Report · May 22, 2016

Hi Claudiu, for Error Code 2148073485, We published a KB article related to this issue just a while back.

Windows cryptographic service provider error | Key does not exist, error code 2148073485

While we investigate it further, the workaround provided in the article should help.

"Check with your signature device or driver manufacturer for an updated driver that may resolve this error.

If the requested hashing algorithm is not supported by the signature device, then the solution is to set registry key aSignHash to SHA1 as described on this page -http://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#Signing:Ha shAlgorit.... However, this is not a recommended approach as this would set SHA1 as the default hashing algorithm for all signatures, which is considered deprecated industry wide. Therefore, Adobe strongly recommends checking with your signature device or driver manufacturer to get a newer device or driver that supports SHA256 or higher hashes."

Report · May 25, 2016

I am having the exact issue. I was able to sign documents for months then I couldn't. I switched through products like Adobe Reader, doPDF8, and now I am using Acrobat Pro DC, with no luck. I have tried the card reader in my laptop and on my keyboard, no luck. To eliminate the hardware issue, I grabbed the working keyboard w/reader (Dell SK-3205) of a co-worker that could sign PDFs and used it with my set up (laptop with Windows 7 Pro 64bit) and still could not sign documents. The problem did not move with the suspect hardware, to me that indicates, its not any of the card readers. He was able to sign documents with my keyboard and card reader (Dell SK-3205), the problem is persistent with my machine. I almost think it an operating system issue (perhaps an unintentional outcome of a windows update). I already went to services.msc and restarted the related services such as Windows Cryptographic Service, and ensured it was set to automatic. This also did not yield any positive results. I do not think this is a hardware issue, at least not from what I can see so far but I get the same Error Code 2148073485.

Report · May 31, 2016

Hi Claudia and Ke Bi,

With reference to error code 2148073485:

We published a KB article related to this issue just a while back.

Windows cryptographic service provider error | Key does not exist, error code 2148073485

While we investigate it further, the workaround provided in the article should help.

"Check with your signature device or driver manufacturer for an updated driver that may resolve this error.

If the requested hashing algorithm is not supported by the signature device, then the solution is to set registry key aSignHash to SHA1 as described on this page -http://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#Signing:Ha shAlgorit.... However, this is not a recommended approach as this would set SHA1 as the default hashing algorithm for all signatures, which is considered deprecated industry wide. Therefore, Adobe strongly recommends checking with your signature device or driver manufacturer to get a newer device or driver that supports SHA256 or higher hashes."

-Aj

Report · May 19, 2016

Hi everyone facing the issue with signing,

With the Reader DC release 15.016.20039, we have deprecated use of SHA1 hash while signing. SHA256 has been the default hashing algorithm, but in the prior releases in case the CSP driver doesn’t support SHA256 or higher hashes Reader used to silently fallback to SHA1 hash while creating the signature. In this release, we have removed the silent fallback to SHA1 due to which this error pops up and subsequently signing fails.

Please let me know the driver of the e-token device your are using for signing.

Also, please check with the driver manufacturer for the updated driver that should resolve this error.

Report · May 20, 2016

What is an "e-token device"? Does this mean the smartchip card, the card reader, something else?

Report · May 26, 2016

Hello

I have the same problem to sign with digital sign, Before one week I do this operation without problem.
When I try today to do the same the Acrobat Reader DC (using Wind 7 x64) i receive the masage :

I read all, which people before me write for them problems and solution - but the problem is still stay

please help

Adobe Community

Error 2148073513 When Attempting To Digitally Sign In Acrobat 11 Standard

1 Correct answer