Is your CA being trusted by the Adobe application in question?

----- Original Message -----
From: "Ricardo Alexander Perez Ricardez" <>
Sent: Thursday, September 15, 2016 1:12:21 PM
Subject: [Pki-users] ocsp doesn't work on the client side - "OCSP response 
signature invalid"

Error: "OCSP response signature invalid" 

On the server side I have configured an instance of pki working properly, I 
have two subsystems a CA, and OCSP. 

On the client side I have a valid certificate that I use to sign a PDF document 

In Adobe Reader or Adobe Acrobat I perform the following steps: 

1. Signing a PDF document 
2. Validate Signature 
3. I receive the message: "The validity of the signature is unknown" 
4. Click on: Check the properties of signature 
5. Click on: Show signer certificate 
6. Click: Revocation tab 

The following message is displayed: 

We attempted to determine whether the certificate is valid by performing a 
revocation check using the protocol online certificate status (OCSP Online 
Certificate Status Protocol). 
The OCSP response was signed by "OCSP Signing CA Certificate" on 2016/09/15 
14:53:06 -05'00 '. 
Click Details signer for more information on the source of the revocation 
Click trouble seeing the problems encountered when performing this check 

6. Click on: Problems Found 
7. I get the message: "OCSP response signature invalid" 

Pki-users mailing list

Pki-users mailing list

Reply via email to