You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Next »

Basic Instructions

If you don't already have a digital certificate:
go to https://certificates.security.utexas.edu/
 
Choose UT austin from the list and click select to get started and use your @austin.utexas.edu address 


go to https://stache.utexas.edu/   and download your mail encryption key (download P12). Use your EID and EID password to log in 


The page with your encryption key has a password. you will need that password to import it into your keychain. 


Double click the downloaded key file something.P12

for MAC:

It should automatically try to import into  your keychain and will ask for the password for that file. enter that password. It may also need your EID password just to allow the importation into the keychain. 

if you imported it successfully, there will be a Category list. click My Certificates and locate your certificate. Click the triangle beside your certificate so it shows your private key beside your email address. Double Click the Key icon with your email address.

if you get this far, click the Access Control tab. in the box underneath where it says "Always allow access by these applications:" click the + sign underneath and navigate your way to your Applications folder and add Adobe Acrobat Pro.app. I usually add Mail.app and Outlook.app so I don't have to go back at a later date to set them up for email signing and encryption.

Save Changes. it should ask for your EID password

FOR Windows:

Double clicking the p12 file will open Certificate Import Wizard.
Go through. You shouldn't have to tick off anything. Do not check the box to force strong protection or it will make you enter your password every time you want to use the key.

Finish the wizard.

 

in Acrobat Pro:

Then open Acrobat Pro and go to the Acrobat menu (Edit menu on Windows) and choose Preferences. scroll down to Signatures. 

on the right is Identities & Trusted Certificates. Click More.

under Digital IDs, your name should show in the right panel. click on it and under Usage Options do for each item one time: Use for Signing. Use for Encryption. Use for Certifying. 

click Trusted Certificates. Scroll til you see The University of TExas at Austin and click it. 

  • At this step for Acrobat Pro XI running on Windows 7 the following had to be done to add the University's signing certificate to the list of trusted certificates. If you don't do this step then Acrobat reader will always says UT signing certificates are invalid because the certifying certificate is not trusted.
    • In the same window where you did the previous step, double-click on the user's listed certificate in the right pane
    • In the window that appears you will see a tree of signing certificates in the left pane. Just above the botton branch where the user's certificate is listed, a parent certificate named "The University of Texas at Austin" is listed. Click that certificate to bring up its options in the right pane.
    • Click the "Trust" tab and then click the button labeled "Add to Trusted Certificates..."
    • Accept the default trust options of just trusting it for signing and certifying documents
    • Click OK to accept all changes


Click Edit Trust just above that area that looks like pencil. click checkmarks in all the boxes and click ok. You should be ready to do digital signatures now.

*If you do not see a certificate for The University of Texas at Austin, find it in the Certificates section of the Keychain and drag it to the desktop, then you can import it into Adobe Professional

This wiki page has an attachment for how to place a signature in Acrobat 

Trusting the UT Austin Intermediate Certificate To Allow For Successful Validation of UT Employee Signed Documents

When someone uses their UT assigned digital certificate to sign a document by default new installations of Adobe Acrobat/Reader will not trust the signature which will result in a warning being displayed when people open up the signed document and verify the authenticity of the certificate used to sign the document. This happens because the certificate company that UT uses for their certificates is not currently built into and trusted by Adobe Acrobat/Reader. So you have to manually trust at least one of the parent certificates in the certificate chain used to generate UT employee digital certificates. This manual trust has to be done on a per-user account basis so if you have multiple users on a computer, each user account will need to go through the process of trusting the parent certificate. You can either manually open up the Adobe Trust Manager in Adobe Acrobat/Reader, select the parent certificate, and then select the option to "trust" it OR do the following:

  1. Ensure Adobe Acrobat/Reader is installed on the target computer.
  2. Download this exported certificate file. This is the UT Austin intermediate certificate used to generate all UT Austin employee digital certificates.
  3. Double click the exported certificate and Adobe Acrobat/Reader should automatically launch on the computer. In the window that appears click the "Set Contact Trust..." button.
  4. You will be presented with a Window to trust the certificate. Check off all options as shown in the following screenshot:
  5. Done. Restart Adobe Acrobat/Reader to put the change into effect. Now when you verify the UT employee digital certificate used to sign a document it should show up as valid.


  • No labels

Confluence Documentation | Web Privacy Policy | Web Accessibility