Long-Term Validation (LTV) for Digital Signatures in Adobe Acrobat
Introduction
Long-Term Validation (LTV) ensures that digital signatures remain verifiable over time by embedding status information (e.g., OCSP or CRL data) into the signed document. This guide explains how to properly configure the LTV function in Adobe Acrobat to meet compliance standards, such as the EU’s eIDAS regulation.
Step-by-Step Guide to Enable LTV in Adobe Acrobat
Open Adobe Acrobat Preferences
- Launch Adobe Acrobat.
- Go to Edit > Preferences > Signatures.
Configure LTV and Signing Format
- Under Creation and Appearance Preferences, set the following options:
- Default Signing Format: CAdES-Equivalent (recommended EU standard).
- Check the box: "Include signature's revocation status".
- Under Creation and Appearance Preferences, set the following options:
Ensure Internet Connectivity
- Make sure your system is connected to the internet during the signing process.
Without an internet connection, the status information cannot be embedded automatically. - If the LTV information could not be embedded during signing, you can add it afterward:
- Open the document → Validate Signature > Embed LTV Information.
- Make sure your system is connected to the internet during the signing process.
Adding Timestamp to Signatures
To ensure compliance and improve verifiability, add a timestamp to your digital signature:
- Go to Edit > Preferences > Signatures > Document Timestamping.
- Configure a Timestamp Server:
- Click on More... and add your qualified Timestamp Authority (TSA) URL.
- Ensure proper credentials are set up for the server.
Important Note on Certificate Management
- Do not manually add qualified certificates or CA certificates to Adobe Acrobat’s certificate store.
- Adobe automatically recognizes qualified certificates.
- Manually adding certificates can result in inconsistent behavior, where signatures might appear differently for other users.
Do you need further support?
Related Articles
How to the USB-Token in Adobe
Prerequisites Certificate: Your USB token must be properly configured, and the certificate must be successfully stored on the token. SafeNet Authentication Client: Ensure that the SafeNet Authentication Client software is installed on your computer. ...How to use the USB token in SecSigner
Download and install SecSigner Download the SecSigner tool from the SecCommerce website: SecCommerce - Download SecSigner & SecSign ID Install the tool by following the instructions Preparing the file Open SecSigner, add the file and select the ...SIGN8 Local Product Information
The SIGN8 Local is a USB token certified as a QSCD (Qualified Signature Creation Device) according to Common Criteria standards. This hardware enables the creation of secure and qualified electronic signatures (QES) or qualified electronic seals ...Set up USB-token
Technical Component of the USB Token PRODUCT NAME SECURITY CERTIFICATION ID VALIDITY PERIOD OF THE CERTIFICATION TYPE OF COMPONENT PURPOSE IDPrime 940 (contact) and IDPrime 3940 (dual interface) smart card with security controller M7892 ...