Advanced digital signature with Adobe Reader/Adobe Acrobat
Table of contents
In order to digitally sign documents, Adobe Reader has to be configured first.
This happens in a central Adobe configuration file and covers the DFN PKI certificate chain, the DFN-PKI time stamp service (for a confidential time stamp)
as well as the integration of the DFN PKI LDAP directory service in Windows.
All further instructions require the installation of Adobe Reader X (or Adobe Acrobat X).
Configuration of Microsoft Windows
Start Adobe Reader and go to Edit-->Preferences.
Change to the Security tab on the left. Check Load security settings from a server on the right. Fill in the URL
https://tu-dresden.de/zih/ressourcen/dateien/dienste/arbeitsumgebung/e_mail/dateien/tu_dresden_adobe_security
In the option box Settings must be signed by: select Allow Any Certificate and click on Update Now.
Click Yes in the following window.
In the navigation menu on the left, click Trusted Certificates. Make sure that a certificate with name and issuer T-TeleSec_GlobalRoot_Class is missing in the displayed list.
You can download the certificate T-TeleSec_GlobalRoot_Class_2.crt via this link or directly from the DFN PKI Webpages .
You will be adverted to a new available update for security ooptions. Click OK in order to install the new update.
You will be informed about the update status. Please click on OK and close the Preferences with OK.
Confirm the following window(s). You finished the configuration succesfully.
Digital Signatur For Microsoft Windows
If you already have configured digital signatures, skip to step 3. If not, go to menu Edit-->Protection-->Security Settings.
(in Acrobat Pro X with actual updates not via "Edit" - please go via View->Tools)
Open the category Digital IDs on the left and click on Windows Digital IDs.
Choose your certificate on the right side and click on the pen symbol and choose Use for Signing.
Close the window.
You can digitally sign PDF documents now. Open a PDF document and click on the marked singing field.
A window Digital Signature will open.
If you own just one certificate, Adobe will select your configured certificate automatically in the field Sign As.
Click on Sign.
You have to save the signed PDF document with a new filename.
If you have signed the first time, you have to accept (and thus: trust) the time stamp service http://zeitstempel.dfn.de.
Apply this for all PDF documents, you want to sign (checkbox) and confirm to save settings.
The document is being signed now and saved in the new file.
Verifying the Signatur
After opening the document the signature will be checked automatically and the result will be shown in the status bar.
If you want to check all details (name, e-mail address, time stamp) of a digital signature, click on the according signature.
They will be shown the window Sign Validation Status. It will also be checked, if the document changed after the signature.
Find further indformation in Signature Properties.
In the Signature Properties you'll get all details of the digital signature.
If you like to verifiy several digital signatures, you can list them in the Signature Window and check them ne by one.
