ldap server and acrobat

Report · May 06, 2010

hello

i have a question

necessary to exchange documents with signatures between 2 enterprises. but we don't want to use CA (certification authority). we have 2 variants:

1. ldap server.

as i see ldap server contains all certificates from all users, f.e. Larina.fdf and Brown.fdf. In Acrobat i have to create new directory server and when i want to find new certificate and load it to Trusted identities - i'm looking for it on ldap server with Manage trusted identities. But its manual work for each certificate... maybe it can be automatize - in other words can i load both of certificates Larina.fdf and Brown.fdf to trusted identities automatically (maybe periodically)?

2. exchange folder.

or we can use exchange folder for hold all certificates... but besides process of load will not automated...

maybe you can consult another way to automatize process of load certificates to trusted identities in acrobat?

( and i can't find trusted identities from acrobat in windows certificate store... where i can find it?)

Report · Jul 09, 2010

Hello Larina. Did you ever find a solution to finding certificates for all users with an LDAP server? I am also interested in getting this set up for our company.

Best Regards

Darryl

Report · Jul 12, 2010

Hi,

For signature workflows, you don't have to individually trust all the end entity certs for all your users. You only need to trust a "trusted root" up to which all the end user certs chain. That is, just trust one cert such as your enterprise cert if you issue your own or that of the 3rd party that issued it (e.g. Verisign).

You can use a number of mechanisms to set up trust:

fdf (now you only need one cert in the fdf per above)
export/import security settings feature
Use CDS: http://learn.adobe.com/wiki/display/security/Digital+Signatures+101
Use AATL: http://learn.adobe.com/wiki/display/security/Digital+Signatures+101

Does this get you started? http://learn.adobe.com/wiki/display/security/Document+Library

Ben

Report · Aug 11, 2010

HI

our company use automatic load security settings (only trusted identities) from http server

Report · Aug 11, 2010

Hi Larina,

If your question is "How do I get all the certs on my LDAP server to populate my Trusted Identities list automatically?", then the answer is in the docs I sent you to.

Go to Advanced > Security Settings.
Click on Directory Servers.
Add the LDAP server of your choice.

Ben

Report · Aug 11, 2010

Alternatively, export your entire address book as FDF and have everyone import it. IT admins often create a custom addressbook.acrodata file and install it with the product across the organization.

ldap server and acrobat

Photos