If you are using a test certificate to digitally sign a PDF file from Adobe Acrobat, the digital signature will not immediately appear as valid. The free test certificates generated by the SSL.com sandbox are intended for test purposes, do not undergo validation and are not automatically trusted. This is in contrast to using SSL.com production certificates which are issued after an identity validation process and are trusted by Adobe readers by default.
SSL.com’s Document Signing Certificates are trusted worldwide to digitally sign and certify Adobe PDF documents with secure digital signatures.
Requirements
There are 3 requirements for this guide:
a) A test document signing certificate: In this guide, we are using an SSL.com test document signing certificate that can be ordered using SSL.com’s sandbox/test environment. For a detailed guide on how you can create an SSL.com sandbox account, please refer to the article: Using the SSL.com Sandbox for Testing and Integration.
b) A document signing application: In this case, we will be using SSL.com’s eSigner remote signing service which securely stores digital certificates in the cloud. Specifically, we will be using eSigner Express, SSL.com’s GUI web application that lets users create digital signatures on most internet browsers, with no need for hardware tokens to store the digital certificate.
c) A PDF file opener: In this guide, we are using Adobe Acrobat.
Steps
1. Login to the eSigner sandbox environment at https://try.esigner.com/. If you do not yet have an account, select the Create account option.
2. Click the green button CLICK HERE TO UPLOAD FILE to load your PDF document to eSigner Express. You can upload a maximum file size of 60 megabytes for document signing.
3. Select your file and click the Open button to upload it to eSigner. Once uploaded and ready to sign, click the Digitally Sign and Finish tab.
4. Click Sign and Exit. You will then be prompted for the 6-digit verification code sent either to an Authenticator app on your phone or directly to your phone’s SMS inbox, depending on the option you selected when you enrolled your document signing certificate to eSigner.
5. A message will appear showing that eSigner Express has successfully signed your PDF document. Click the Download PDF file button to view the digital signature on the file.
6. Upon opening the digitally-signed PDF file, Adobe will show the message “At least one signature has problems” to indicate that the test certificate is not trusted yet. There will also be an exclamation point symbol to further indicate that it is not trusted.
7. Click the Signature Panel button.
8. Left-click the particular digital signature that you want to validate.
10. Click Signature Properties
11. Adobe will display the two messages:
a) Signature validity is UNKNOWN.
b) The signer’s identity is unknown because it has not been included in your list of trusted certificates and none of its parent certificates are trusted certificates.
Click Show Signer’s Certificate to validate the signature and the signer’s identity.
SSL.com’s Document Signing Certificates are trusted worldwide to digitally sign and certify Adobe PDF documents with secure digital signatures.
13. A dialog box will appear asking you to confirm if you want to trust the certificate. Click the OK button.
14. Another dialog box will appear providing you options on which cases you want the test certificate to be trusted:
a) Use this certificate as a trusted root: There should be a tick in the check box for this option. This will enable your test certificate to be directly trusted by Adobe.
b) Signed documents or data: Adobe sets a default check mark for this option.
c) Certified documents: This feature is optional and allows the test certificate to be trusted for Dynamic content, Embedded high privilege JavaScript, and Privileged system operations (networking, printing, file access, etc.). You can leave this feature un-checked if you do not need any or all of these three functions.
Once you have made your choice, click the OK button.
15. The test certificate is now trusted! Close the PDF file, re-open it, and you should then be able to see the digital signature shown by Adobe Acrobat as valid. You will also see that the exclamation point symbol is now replaced by a check mark in a green circle, indicating that the signature is indeed valid.
16. Click the Signature Panel again to view the details of the trusted signature.
17. Highlight the signature, right-click it, and select the Show Signature Properties option.
18. You will then see that Adobe now shows the signature and the signer’s identity as both valid. Click the Show Signer’s Certificate… button again to see further details about the test certificate that is now trusted.
19. Highlight the name of the test certificate. Click the Trust tab. Adobe places a green check mark for the particular task that the certificate is enabled to do. In this case, the test certificate has been enabled to be trusted on all available options provided by Adobe Acrobat.
20. If you want to see the trust list on which your test certificate is added by Adobe, click the Edit tab on the top menu and then Preferences… or you can also type Ctrl+K to take you directly to the Preferences window. Once there, select the Signatures category and click the More… button for Identities & Trusted Certificates.
21. Click Trusted Certificates and scroll down the list to see the name of your test certificate. Once selected, you will see that Adobe recognizes its validity period and its use for digital signing.
