Participating Frequently

Question

Explanation needed for FIPS mode setting in Acrobat Reader DC

Forum|Forum|4 years ago
May 6, 2021
1 reply
21435 views

I have seen a lot of older posts regarding an issue similar to this, but for some reason I cannot see the answers (though they were marked as successfully answered).

What I need is an explanation of how to tell, within Adobe Acrobat Reader DC, whether FIPS cryptography is turned on or off. We (U.S. Department of the Navy, Naval Sea Systems Command) are currently experiencing an issue whereby if they attempt to fill, sign, and then save a fillable, signable PDF form using Adobe Acrobat DC (the full version) we get an error message saying that "Document could not be saved. Use of non-FIPS cryptography is not permitted while in FIPS mode" (attachment with screencap). But if we do the same thing in Reader DC, it works just fine.

My question is, when the message says "while in FIPS mode" is that referring to the mode that Adobe is in, or the mode Windows is in? If it's Adobe, how can I see the setting in each of the to applications?

We are using Reader DC version 2021.001.20138 and Acrobat DC version 2020.013.20074.

Thank you.

Tim David

This topic has been closed for replies.

Amal.

Community Manager

Hi Tjdavid

Hope you are doing well and sorry for the trouble. As described you are getting the error 'Document could not be saved. Use of non-FIPS cryptography is not permitted while in FIPS mode'

Are you on a personal machine or IT managed work machine?

Please check the correct answer marked in a similar discussion https://community.adobe.com/t5/acrobat-reader/disable-fips-mode-in-adobe-acrobat-reader-dc/m-p/10188606 and see if that helps.

For more information on FIPS, please check out the help page https://www.adobe.com/devnet-docs/acrobatetk/tools/AppSec/fips.html

Regards

Amal

D

defaultldmcgtrk95rk

Participant

Can you kindly help me understand the information provided in the link above. When I read the FIPS statement, I read it as Adobe will never be FIPS compliant because it uses RSA proprietary encryption algorithms. Is this true. How do I get past this error WITHOUT diabling FIPS mode.

"Adobe utilizes certified and unmodified encryption modules licensed from RSA Security within desktop and server products. Therefore, Adobe will not show up in the NIST Cryptographic Module Validation Program vendor lists."

FIPS Compliance — Acrobat DC Application Security Guide (adobe.com)

D

defaultldmcgtrk95rk

Participant

Hi there

Hope you are doing well. please check out the correect answers marked in the similar discussion listed below and see if that works:

- https://community.adobe.com/t5/acrobat-discussions/error-saving-pdf-using-fips/td-p/10267547#M128265

- https://community.adobe.com/t5/acrobat-reader-discussions/disable-fips-mode-in-adobe-acrobat-reader-dc/m-p/10188606

Regards

Amal

Sorry Amal but the posts do not answer the question. I can diable FIPS through the registy pushed via GPO but this is a Cat II finding. The goal is to be compliant with DISA STIG policies. This error occurs and the only workaround I have seen is to turn off FIPS.

The question I am looking to be answered refers to the statement in the FIPS url above. From my interpretation, Adobe will never be FIPS compliant because it uses RSA proprietary encryption algorithms.

YES / NO ???

We have FIPS compliant forms that cannot be signed and get the exact error as the original poster. Looking for options to fix this without disabling FIPS through the regisrty.

Quote from the adobe website:

Adobe utilizes certified and unmodified encryption modules licensed from RSA Security within desktop and server products. Therefore, Adobe will not show up in the NIST Cryptographic Module Validation Program vendor lists.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded