Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Next »

These instructions are intended for Adobe Acrobat Pro/Adobe Acrobat DC licensed software versions for people who have a need to Create or Edit PDF forms.
For people who simply need to sign documents, Acrobat digital signatures has been superceded by UT Docusign

Basic Instructions

If you don't already have a digital certificate:
go to https://certificates.security.utexas.edu/
 
Choose UT austin from the list and click select to get started and use your @austin.utexas.edu address 


go to https://stache.utexas.edu/   and download your mail encryption key (download P12). It will be named encryption and mail signing cert.  Use your EID and EID password to log in. You will also need to do the second factor Duo authentication. 


The page with your encryption key has a password. you will need that password to import it into your keychain. 


Double click the downloaded key file named something like YourEmailAddress.P12

for MAC:

It should automatically try to import into  your keychain and will ask for the password for that file which was the password on the page where you downloaded the encryption key in the box that says "Encrypted File Password". enter that password. It may also need your EID password just to allow the importation into the keychain when it asks for your "login" password. 

if you imported it successfully, there will be a Keychain list on the left, and also a Category list. click My Certificates in the Category pane and locate your certificate. Click the triangle beside your certificate so it shows your private key beside your email address. Double Click the Key icon with your email address.

if you get this far, click the Access Control tab. in the box underneath where it says "Always allow access by these applications:" click the + sign underneath and navigate your way to your Applications folder and add Adobe Acrobat Pro.app, or whichever version of Adobe Acrobat you're using. I usually add Mail.app so I don't have to go back at a later date to set them up for email signing and encryption. Don't bother with Mail.app if you use Outlook for email.

Save Changes. it should ask for your "login" (EID password) password again.

FOR Windows:

Double clicking the p12 file will open Certificate Import Wizard.
Go through. You shouldn't have to tick off anything. Do not check the box to force strong protection or it will make you enter your password every time you want to use the key.

Finish the wizard.

 

in Acrobat:

Then open Acrobat Pro/Acrobat Reader and go to the Acrobat menu (Edit menu on Windows) and choose Preferences. scroll down to Signatures. 

on the right is Identities & Trusted Certificates. Click More.

under Digital IDs, the certificate with your name should show in the right panel. click on your certificate once, and under Usage Options do for each item one time: Use for Signing. Use for Encryption. Use for Certifying. 

click Close

This wiki page has an attachment for how to place a signature in Acrobat. The first time you sign a document, it will ask for your Login password. It will be your EID password. Make sure you click Always Allow or it will make you do this for every document you try to sign. 

Update the Adobe Trusted Root Certificates To Allow For Successful Validation of UT Employee Signed Documents

When someone uses their UT assigned digital certificate to sign a document, by default new installations of Adobe Acrobat/Reader will not trust the signature, which will result in a warning being displayed when people open up the signed document and verify the authenticity of the certificate used to sign the document. This happens because the certificate company that UT uses for their certificates is not currently built into and trusted by Adobe Acrobat/Reader. So you have to manually update Acrobat to download the latest global trusted Certificate Authorities. This manual trust has to be done on a per-user account basis so if you have multiple users on a computer, each user account will need to go through the process of downloading Trusted Cerficate Authorities. 

  1. Ensure Adobe Acrobat/Reader is installed on the target computer.
  2. Choose Edit > Preferences (Windows) or Acrobat Acrobat Reader Menu bar > Preferences (macOS).
  3. From the Categories on the left, select Trust Manager.
  4. Select the option Load Trusted Root Certificates From An Adobe Server.
  5. This option allows Acrobat or Reader to automatically download trust settings from an Adobe server. These trust settings ensure that the user or organization associated with the certificate has met the assurance levels of the Adobe Approved Trust List program.Do the following:
  6. Tick the box to be prompted when new root certificates are available from Adobe.
  7. Select Ask Before Updating.
  8. Download the latest version of the Trust List from Adobe.
  9. Click Update Now.
  10. Restart Adobe Acrobat/Reader to put the change into effect.

•Now when you verify the UT employee digital certificate used to sign a document it should show up as valid. This should happen automatically

Adding a digital certificate to sign an Adobe PDF


  • No labels

Confluence Documentation | Web Privacy Policy | Web Accessibility