Electronic signature of the document

Evicertia recommends Adobe Reader 9 or higher to view the affidavits. If you use other software, some of the descriptions below may not be displayed. If you are using another version of Adobe Reader, please refer to the manual.

Furthermore, some images of the product and menus in English and Spanish will be exchanged to be more user-friendly with the software in either of the two languages.


The affidavit is digitally signed, to verify the signature we recommend to do the following:

1. 1. By default, Adobe Reader is configured to display a message indicating that the PDF document is digitally signed.

1. 2. To verify the signature, you have to go to <Signature Panel>, in the previous image you can see where you should click to select this option. The signature properties appear in the new panel.

1. 3. To view the properties of the signature certificate, a property named <Certificate Details> appears in the panel, click on this field and a new window will appear with the signature certificate details.

Electronic signature of the document is not recognized

Evicertia recommends Adobe Reader 9 or higher to view the affidavits. If you use other software, some of the descriptions below may not be displayed.

Furthermore, some images of the product and menus in English and Spanish will be exchanged to be more user-friendly with the software in either of the two languages.

Adobe is a USA company, and has not included all the root certificates of the European certification service providers and, therefore, depending on how Adobe Reader is set up, when opening an Evicertia affidavit a message appears indicating that the validity of the document is unknown.



Below you will find, through two different options, the steps necessary to change the configuration and to recognize the validity of the signature.

Option A – Through Adobe Trusted Identity Manager

The configuration of trusted identities in Adobe Reader 9 is done in the menu <Document | Managing Trusted Identities> where at any time you can register or deregister any identity certificate and trust in it.

1. 1. In order to trust Evicertia‘s signature certificate, open the signature panel <Signature Panel>, as indicated above. The signature properties appear in the new panel.
2. 2. We select the signature certificate and right-click on the option <Show signatures properties>. In the new window that appears, select the tab <Signer>, and press the button <Show Certificates>.
3. 3. In the new window, select the root certificate issuing the signer's certificate (upper certificate in the left panel).
4. 4. Select the tab <Trust>, and press the button <Add to Trusted Identities>, a new window appears with a security message, press <OK>.
5. 5. The window <Import Contact Settings> appears, and you should check both options <Use this certificate as a trusted root)>, and <Certified documents>. We press <OK>.
6. 6. We close all pop ups until we return to the document, and in the <Signature Panel>, we right-click on the certificate, and select <Validate Signature>, a window like the following one will appear:

Evicertia‘s Affidavits do not include the validation information of the OCSP or the CRLs, that is why the following message appears “The signer’s identity was valid when it was issued, but no revocation checks could be made to validate the identity at this time.”

Option B – Through the cryptographic provider of the operating system

1. 1. We open Adobe Reader, and select <Edit| Preferences>.
2. 2. In <Categories>, select <Security> and in the section <Digital Signatures> press the button <Advanced preferences>.
3. 3. In the new window <Digital Signatures Advanced Preferences> select the tab <Windows integration>, and check the options:
   1. a. < (Enable searching the Windows Certificate Store for certificates other than yours)>.
   2. b. < (Validating Signatures)>
   3. c. < (Validating Certified Documents)>

Once the previous steps are completed, we have to install (if it is not installed) in the certificate store of the operating system (CPS Windows or Keychain access of Mac), the root certificate of the certification authority with which the affidavit is signed (FNMT-RCM, Camerfirma, Firmaprofesional, etc.).

From now on, if the signature is validated, the result will be the same as in the previous section.

For more information about the advantages and disadvantages of using either one or the other method, Evicertia recommends seeing the Microsoft and Adobe websites to look into this more closely.

• See Adobe Reader: Managing Trusted Identities

Timestamp cannot be verified

As in the previous case, if you do not have the root certificate of the Certification Authority (CA) that creates the timestamp, the following message is displayed in the PDF document:

• Signature is timestamped but the timestamp could not be verified.

It means that you have to change the permissions of the root certificate of the time stamping authority (TSA), to do this, we will proceed, as in the previous cases, in two different ways.

Option A – Through Adobe Trusted Identity Manager

1. 1. In order to trust Evicertia‘s signature certificate, open the signature panel <Signature Panel>, as indicated above. The signature properties appear in the new panel.
2. 2. We select the root certificate issuing the signature certificate and right-click on the option <Show signatures properties>. In the new window that opens, select the tab <Date/Time>, and we verify that in the field <Date> the text <Not available> appears.
3. 3. We press the button <Show Certificate …)> associated to the <Timestamp Authority>.
4. 4. A new window appears <Certificate Viewer> and we select the root certificate of the CA, the tab<Trust> and in this tab we press the button <Add to Trusted Identities…>.

1. 5. In the new window that appears <Import Contact Settings> check the following options, and press <OK>:
   1. a. Use this certificate as a trusted root.
   2. b. Certified documents.
   3. c. Dynamic content.
   4. d. Privileged system operations (networking, printing, file access, etc.)

1. 6. If we validate again the signature <Validate Signature>, the sale is reloaded and the message <Signature is timestamped> appears and the <Date> field displays the date and time when the document was signed.

Option B – Through the Windows CPS

As explained above, it can also be done through the Windows CPS. To do that, you simply have to install in this store the root certificate of the Time Stamping Authority (TSA). (http://www.accv.es/ayuda/descargar-certificados-digitales/)