Importing Netrust Root Certificate to Adobe Reader

Importing Netrust Root Certificate to Adobe Reader

[GUIDE] Importing Netrust Root Certificate to Adobe Reader

This guide is meant for the following user groups to import Netrust Root CA certificates into their Adobe Acrobat Reader:

a) Users who utilizes work-issued laptop who does not allow internet access.
b) Users who intentionally removed any Root Certificate and would like to re-add them back to Adobe Reader.
Users from a) and b) will likely encounter the following dialog upon opening the Digitally Signed document for the first time signed with the Netrust Certification Authority (CA).
i)
ii)
iii) Details regarding the End-Entity Certificate (used to perform signing - whose information has been redacted) can be found below.  


or



Pre-requisite(s)
1) Netrust Root CA 2 Certificate (.cer/.crt file extension)
2) Netrust Root CA 2 Certificate (.fdf/p7c file extension) - Please contact your Netrust Representative if you require the Certificate in this file-type.
In the event that no certificate file is provided OR if a certificate file (above specified file) is not allowed to-be sent on your machines due to security policies and already have a digitally signed file. Please refer to "[Method 2] Steps to Install Netrust CA Certificate using a Digitally Signed PDF".
You find the latest Netrust Certificates (.crt file extension) at https://netrust.net/download/. Please download the applicable Netrust Root Certification Authority (CA) files, sampled below.
The list is non-exhaustive and will updated periodically as required by Netrust, should you have further questions - please do not hesitate to contact your Netrust representative.



[Method 1] Steps to Import Netrust CA certificate into Adobe Acrobat Reader using a Netrust Root CA certificate file

1. Launch Adobe Acrobat Reader. From the Menu Bar, select “Edit” then select “Preferences”, OR alternatively press the hotkey 'Ctrl + K'.

2. From the Categories, select “Signatures”. Under “Identities & Trusted Certificates”, select “More...”

3. Select "Trusted Certificates" from the left pane and click on “Import”.


4. From the “Choose Contacts to Import” window, click on "Browse".

5. A file explorer will launch. Locate and select the Netrust Root Certificate file (Certificate file in .cer, .crt and .fdf extensions are supported by Adobe Acrobat Reader) which is downloaded from the Netrust website or provided by Netrust. Click "Open". 
The following example uses the Netrust Root CA 2 certificate, but the same flow can be applied for other Netrust Root CA certificates.
The following example uses the Netrust Root CA 2 certificate, but the same flow can be applied for other Netrust Root CA certificates.
Note: In the event if Netrust Root Certificate file is not displayed in the file explorer when you are in the correct folder containing Netrust Root Certificate file, refer to "[Annex B] Netrust CA certificate File not Display in File Explorer"

6. Once the certificate is opened, select the certificate in the "Contacts" pane.


7. In the same Window, the certificate will appear in the "Certificates" pane, click on the certificate in "Certificates" panel and then click on "Trust"


8. Check both "User this certificate as a trusted root" and "Certified documents" checkboxes and click "OK"
 

9. Click on "Import" to complete the import of Netrust CA certificate.

10. Upon completion, click on "OK".


Note: Repeat steps 3-10, if there are other Netrust CA certificates to be installed.

Ensuring the Import of Netrust CA Certificate is Successful

1. Upon completion of importing Netrust CA certificate, close all pop-up Windows to go back to the digitally signed PDF document.
Please click on "Signature Panel" tab on the top-right hand corner of the Adobe Acrobat Reader. 
Right click on signer information (2.), then on "Validate Signature" in the pop up.


2. The 'Signature Properties' tab will appear, displaying a window with the digital signature's information.
It will state that the document is not modified and the signer's identity is valid. Proceed to click on "Close"

3.  The Adobe Acrobat Reader digital signature ribbon will also show that the document is "Certify by" the signer identity.


or "Signed and all signatures are valid". 


[Method 2] Steps to Install Netrust CA Certificate using a Digitally Signed PDF

1. Launch the digitally signed PDF document with Adobe Acrobat Reader. Click "Signature Panel" in the signature ribbon.
Right click on signer information (2.), then on "Show Signature Properties" in the pop up.

2. Click on "Show Signer's Certificate".


3. From the list of certificate in the left pane of the Window (1.), select the top level certificate.
Click on "Trust" tab.
Click on "Add to Trusted Certificates...".


4.Click "OK".


5. Ensure that both "User this certificate as a trusted root" and "Certified documents" checkboxes are checked and click "OK".


6. Check "Validate Signature" to ensure that the Netrust CA certificate is installed successfully.


7. The below message will be displayed upon successful import of Netrust CA Certificate. For addition validation, please refer to "Ensuring the Import of Netrust CA Certificate is Successful" section.

Annexes

[Annex A] Download of Netrust Root CA 3 Certificate

1) Netrust Root CA 3 Certificate (.cer/.crt file extension)
2) Netrust Root CA 3 Certificate (.fdf/p7c file extension) - Please contact your Netrust Representative for this file-type.You find the latest Netrust Certificates (.cer/.crt file extension) at https://netrust.net/download/. Please download the applicable Netrust Root Certification Authority (CA) files, sampled below.
The list is non-exhaustive and will updated periodically as required by Netrust, should you have further questions - please do not hesitate to contact your Netrust representative.

[Annex B] Netrust CA certificate File not Display in File Explorer

In the event if the Netrust CA certificate file is missing even when file explorer is displaying the correct folder, please type in the Netrust CA certificate file name (with extension) into the "File Name" text box and click "Open".

Should you require any assistance on adding the Netrust Root CA file into your machine, please contact customersupport@netrust.net for assistance.



    • Related Articles

    • Importing Netrust Root Certificate to Adobe Reader with signed PDF file

      This guide is meant for the following user groups, a) Users who utilizes work-issued laptop who does not allow internet access. b) Users who intentionally removed any Root Certificate and would like to re-add them back to Adobe Reader. Users from a) ...

    • Manually Trusting Netrust Certification Authority (CA) Root Certificates

      When opening a signed PDF, Adobe Reader prompts “At least one signature requires validating” or “at least one signature has problems” in the signature panel and in the signature stamps (if any).  This means that Adobe Reader does not trust the ...

    • [SAM] Generating Certificate Signing Request (CSR) & Importing CA Reply

      Generate CSR Using KeyStore Explorer 1. Open the keystore (pfx) file using KeyStore Explorer 2. Right click on the Entry Name with 'enc' and click Generate CSR 3. Enter your password 4. Save the file as .csr extension 5. Send the .csr file to Netrust ...

    • Netrust CA Root & Intermediate Certificates

      Netrust Root Certificates Name File Details Netrust Root CA 2 PEM | DER/CRT Valid until: 1 September 2041 Serial #: 57C7ECF4 SHA1 Fingerprint: 0AB5C3CD7448B86D711E77A549838B87CE525F7F SHA256 Fingerprint: ...

    • Using Netrust Digital Token in nSignHub

      Pre-requisites Signer should have Go>Sign installed on the computer that you want to perform digital signing. Signer should have a Netrust digital token. Signer should have an active nSignHub account. Your Enterprise Admin should have ...