8

I can't validate a signature on a PDF.

Some important information about the PDF certificate:

Validity Start : 2011/12/21
Validity End   : 2012/12/20
Signature Date : 2012/12/23

The error is The selected certificate path has errors: Not time valid

I have set my Adobe Reader certificate security preference to Use expired timestamps, but to no avail.

What should I do?

This is an e-Aadhaar PDF, a government initiative of India. I have followed the steps from here, but to no avail. This is what the website said:

1) Right click on the ‘validity unknown’ icon and click on ‘Validate Signature’.

2) You will get the signature validation status window, click on ‘Signature Properties’.

3) Click on ‘Show Certificate..’

4) Verify that there is a certification path named 'CCA India 2011'. This identifies CCA India as the owner of the digital certificate that has been used when signing the document.

5) Mark the certification path named 'CCA India 2011', click the 'Trust' tab and then 'Add to Trusted Identities'.

6) Answer 'OK' to any security question that follows.

7) Check(v) the field for 'Use this certificate as a trusted root' and click 'OK' twice to close this and the next window.

8) Click 'Validate Signature' to execute the validation.

enter image description here

Shumon Saha
  • 758

6 Answers6

1

The security preference set to Use expired timestamps means that an expired signature / expired validity is treated as valid. However, a signature date after the end of the validity of document doesn't make sense, which is the case here. Hence, the problem is with the document signer, and not with the person who was issued this PDF from the Indian government. The Indian government has rectified the issue and newly downloaded PDFs are valid now.

Shumon Saha
  • 758
0

Check your system time. Frequently when I first install Windows the BIOS time (and hence Windows time) is set to some incorrect value. This in turn messes up certificates if the time is after the validity period of the certificate, or predates the certificate issuance. Note that Windows' "Internet time" function (NTP synchronization) will not work if the time difference between real and your computer's clock is too great. You will have to manually set it using something like http://www.time.gov/ or your country's official timesource.

This is a quick and dirty hack, but can you set your system time to be within the validity period of the certificate and then try and validate it? If it validates within that time, you will know it is legitimate, and then can trust it, even though you are now outside the time of validity.

slhck
  • 235,242
K.A.Monica
  • 6,641
0

It would help us to analyze the problem, if you provided us with a not-too-private document signed with this signature.

As a workaround (and also as another test), try using another pdf reader such as Foxit Reader (which is perhaps the world's best pdf reader).

harrymc
  • 498,455
0
  1. In Acrobat or Reader, click Edit > Preferences.
  2. From the Preferences dialog box, select Security on the left.
  3. Click Advanced Preferences, and then click the Verification tab.
  4. Select Verify Signature using 'The Current time'

Restart the pdf and validate the signature

Matthew Williams
  • 4,324
user344902
  • 1
0

If you are using Windows XP, try using Adobe Reader 9 version only.

I had the same problem while using Adobe Reader 11 but when I reverted to 9 it worked.

Mokubai
  • 95,412
SEBASTIAN
  • 11
0
  1. In Acrobat or Reader, click Edit -> Preferences.
  2. From the Preferences dialog box, select Security on the left.
  3. Click Advanced Preferences, and then click the Verification tab.
  4. Select Verify Signature using The time as which the signature was created
HopelessN00b
  • 1,891
vipul
  • 1