Hi,
I'm running Adobe Reader DC 2020.013.20064 in an enterprise environment.
We have issued personal certificates for the purpose of signing documents through our internal Certificate Authority.
Signed documents are failing verification with the following diagnostic:
"The validity of the document is UNKNOWN. The author could not be verified."
"An attempt was made to determine whether the certificate is valid by checking whether it appeared in any Certificate Revocation Lists (CRLs)."
"An attempt was made to determine whether the certificate is valid by checking whether it appeared in any Certificate Revocation Lists (CRLs)"
"CRL Download error, Location ldap:///xxxx Cannot connect to server."
The CRL published by the signing certificate is valid, and can be verified with certutil -URL ldap:///xxx
showing both main and delta as OK - this results in network traffic on port 389 (LDAP).
Verifying signatures in Adobe results in no LDAP network traffic.
Am I missing a security option / registry setting which would make Adobe ignore LDAP certs?
Do I have to publish them with HTTP as well?
Thanks in advance,
M
1
Reply
AdChoices