Hi, > If I create my signer, datavault, scep SSL certificates with recognized > CA (Entrust, Thawte, Verisign, etc), will applications like Adobe > Acrobat accept my x.509 signatures without having to import the CA > certificate?
datavault and SCEP certificates are OpenXPKI internal and have nothing to do with the actual usage of your certificate. That said, if you actually have a CA signer certificate (OpenXPKI lingo: token type certsign) which was signed by a public CA then, yes, certificates issued by this CA will be able to create digital signatures which are accepted by applications such as Acrobat Reader without having to import additional Root Certificates. Please note that this is not a small (or cheap) feat. We are talking significant logistic, policy, security and monetary involvement on your side here. Cheers Martin _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
