Knowledge Base

Scenario

The Adobe Approved Trust List (AATL) is used to distribute and maintain a list of trustworthy digital certificate issuers for Adobe Acrobat and Adobe Reader.

Solution

For Adobe Acrobat Readers

Acrobat 9 or Reader 9 and later versions automatically download the AATL from Adobe every 90 days for updates. The feature is enabled by default and no user invention is required. The 90-day timer is active if you open a digitally signed document, sign a document yourself, or access the signature functionality of the product.

If you never perform these actions, the AATL will not be downloaded to your computer until you do so. Afterward, when the user receives a digitally signed document from a signer whose digital certificate can trace its chain back to a root on the AATL, that signature will automatically be trusted.

If you want to verify that the AATL is enabled, choose Edit ("Acrobat" on Mac) > Preferences > Trust Manager, and be sure that the “Load trusted root certificates from an Adobe server” checkbox is selected. You can click the “Update Now” button in that same dialog box to download the latest version of the Trust List from Adobe.

For more information visit http://www.adobe.com/security/approved-trust-list.html

3rd Party PDF Readers

For non-Acrobat readers:

AATL Approved Root CA (Symantec Document Signing RSA Root CA)

• symantec_document_signing_rsa_root_ca.cer
• symantec_document_signing_rsa_root_ca.pem

AATL Approved ICA (Symantec Individual Document Signing RSA CA)

• symantec_individual_document_signing_rsa_ca.cer
• symantec_individual_document_signing_rsa_ca.pem