Knowing how to install trusted certificates in Adobe Reader is essential to avoid errors that prevent us from signing a document using this tool.
A very common situation when signing pdf with a digital certificate in Adobe Reader is that it indicates “The validity of the document certification is UNKNOWN. The author cannot be verified”, visible in the Signature Panel and in the signature stamps (if any). This happens because Adobe Reader does not recognize as a trusted issuer the Qualified Service Provider (QSP, formerly known as Certification Authority, CA) that issued the certificate (for example FNMT, Camerfirma, Firmaprofesional, AVANSI…).
To solve it, we will configure Adobe Reader to trust the certificate issuer or, in other words, we will add it to the trusted certificates. Right-click on the signature that is giving problems and select “Show signature properties”.
A window opens with the “Properties of the electronic signature” of the PDF. We can see the details of the signature information. Click on the “Show signer’s certificate” button.
Next, the Certificate Viewer opens. We see the certificate issuer (in this case Firmaprofesional) and the certificate details.
Next, we open the “Trust” tab, where we see that “This certificate is not trusted” (this is the source of the problem). Click on “Add to trusted certificates”.
It is possible that Adobe Acrobat shows us a warning message after clicking the previous button. We proceed to click on “Accept”.
Se nos abre la ventana de importación de configuración de contactos. Por defecto, está seleccionada una opción, dentro de “Confianza”, que dice “Utilizar este certificado como raíz de confianza” (en otras versiones el mensaje era distinto). Dejamos seleccionada esta opción (o la seleccionamos si no lo está) y pulsamos en «Aceptar» sucesivamente en las ventanas que nos vayan saliendo.
We go back to the Signature Properties window. At the bottom there is a button that says “Validate signature”. Click on it.
Perfect! Adobe Reader already says that the signature is valid because it already recognizes all the certificates of the trusted issuer. This operation must be done with all the Qualified Service Providers issuing certificates that we are going to use.
