Setting certificate trust, Adobe approved trust list (aatl) – Adobe Acrobat XI User Manual
Page 409
402
Electronic signatures
Last updated 1/14/2015
4
Select Digital IDs on the left.
5
Do one of the following:
• To import an ID, click the Add ID button
, and follow the onscreen instructions.
• To export a certificate, click the Export button
, and follow the onscreen instructions to email or save the
certificate to a file.
Setting certificate trust
You build a list of trusted identities by getting digital ID certificates from signing participants and certificate security
workflows. You get this information from a server, file, or a signed document. For signing workflows, you can get this
information during the signature validation process. For certificate security workflows involving encryption, request
the information in advance. This enables you to encrypt the document with the document recipient’s public key. See
the Digital Signature Guide (PDF) at
for more information on setting up
certificate trust.
Adobe Approved Trust List (AATL)
The Adobe Approved Trust List (AATL) allows users to create certificate-based signatures that are trusted whenever
the signed document is opened in Acrobat 9 or Reader 9 and later. Both Acrobat and Reader access an Adobe hosted
web page to download a list of trusted root digital certificates every 30 days. Any certificate-based signature created
with a credential that can trace a relationship back to a certificate on this list is trusted. The trusted root certificates have
been verified by Adobe and other authorities to meet specific technical requirements. They represent high assurance
identity and signing credentials. The certificates include government and citizen credentials from across the world. In
addition, they include credentials from global commercial certificate authorities and qualified certification service
providers (CSPs) in Europe.
For details about this feature and why it is important for validating a signature, see the AATL web page at
.
AATL is enabled by default. The list downloads when you first open or create a signed document, or access the various
security preferences dialogs. You are asked to verify if the automatic update in the AATL is acceptable to you. Click Yes
if you want to receive the updates.
Note: Check with your administrator if your organization has turned off access to the AATL for some reason.
To verify the AATL is enabled:
1
Choose Edit > Preferences (Windows) or Acrobat/Adobe Reader > Preferences.
2
From the Categories on the left, select Trust Manager.
3
Select the option Load Trusted Root Certificates From An Adobe Server.
This option allows Acrobat or Reader to automatically download trust settings from an Adobe server. These trust
settings ensure that the user or organization associated with the certificate has met the assurance levels of the Adobe
Approved Trust List program.
4
Do one of the following:
• To be prompted when new root certificates are available from Adobe, select Ask Before Updating.
• To download the latest version of the Trust List from Adobe, click Update Now.