Need Help?

Contact QuoVadis Support at
+1-441-278-2810

bermuda_csp

QuoVadis Digital Signatures in Adobe Acrobat

Which QuoVadis digital certificates are trusted by default in Adobe Acrobat and Adobe Reader?

The QuoVadis Root Certification Authority and QuoVadis Root CA3 (and their G3 equivalents) are automatically distributed as part of the Adobe Approved Trust List (AATL) as of April 16, 2010.

The following QuoVadis certificates are automatically trusted in Adobe products that support AATL:

  • QuoVadis Advanced+ Certificates marked with the policy OID 1.3.6.1.4.1.8024.1.300. This includes QuoVadis Swiss ElDI-V and GeBüV, and QuoVadis Bermuda Accredited.
  • QuoVadis Qualified Certificates marked with the policy OID 1.3.6.1.4.1.8024.1.400. This includes QuoVadis Swiss ZertES Qualified, QuoVadis SuisseID, and QuoVadis Dutch Qualified.
  • QuoVadis PKIoverheid certificates, cross-certified with the “Staat der Nederlanden Root CA - G2” and marked with any of the following possible policy OIDs: 2.16.528.1.1003.1.2.3.1, 2.16.528.1.1003.1.2.3.2, 2.16.528.1.1003.1.2.3.3, 2.16.528.1.1003.1.2.5.1, 2.16.528.1.1003.1.2.5.2, 2.16.528.1.1003.1.2.5.3, 2.16.528.1.1003.1.2.5.4, or 2.16.528.1.1003.1.2.5.5.
  • Time-stamps by the QuoVadis Time-Stamp Authority with certificates marked with the policy OID 1.3.6.1.4.1.8024.0.2000.6.

How do I enable the Adobe Approved Trust List?

The Adobe Approved Trust List (AATL) is used to distribute and maintain a list of trustworthy digital certificate issuers for Adobe Acrobat and Adobe Reader.

Acrobat 9 or Reader 9 and later versions automatically download the AATL from Adobe every 90 days for updates. The feature is enabled by default and no user invention is required.

The 90-day timer is active if you open a digitally signed document, sign a document yourself, or access the signature functionality of the product. If you never perform these actions, the AATL will not be downloaded to your computer until you do so.

Afterwards, when the user receives a digitally signed document from a signer whose digital certificate can trace its chain back to a root on the AATL, that signature will automatically be trusted.

If you want to verify that the AATL is enabled, choose Edit ("Acrobat" on Mac) > Preferences > Trust Manager and be sure that the “Load trusted root certificates from an Adobe server” checkbox is selected. You can click the “Update Now” button in that same dialog box to download the latest version of the Trust List from Adobe.