This section shows how to generate a key pair on the CryptoHub to use for digital signing operations in Adobe Acrobat Desktop.
Perform the following tasks to generate an RSA key pair for Adobe Acrobat:
- Create X.509 certificate container.
- Generate key pair for digital signing in Adobe Acrobat.
- Assign a Name to the private key.
- Grant Use permission on the private key.
You must generate the key pair under a root CA certificate to give it the encrypt and decrypt security usage it requires.
Create a certificate container
Perform the following steps to create an X.509 certificate container:
Go to Administrative Services > PKI Management > Certificate Management.
In the X.509 Certificate Container creation dialog, configure the following settings:
- Name:
Adobe Acrobat
- Host: None
- Type: X.509
- Owner group: Select the Adobe Acrobat role CryptoHub created for the service.
Generate a key pair
Perform the following steps to generate a key pair for Adobe Acrobat:
Right-click the Adobe Acrobat X.509 certificate container and select Add Certificate > New Certificate.
Configure the following Subject DN settings:
- Preset: Classic
- Common Name:
adobe-acrobat
Configure the following Basic Info settings:
- Leave the values set to the default values.
Configure the following V3 Extensions settings:
- Profile: Select Certificate Authority
Assign a Name
Perform the following steps to assign a Name to the private key:
Go to Administrative Services > Key Management > Key Database.
Right-click the adobe-acrobat key pair in the Keys section and select Edit.
Under Key Settings, enter adobe-acrobat in the Name field and select [ OK ] to save.
Grant Use permission
Perform the following steps to grant Use permission on the private key:
Go to Administrative Services > Key Management > Key Database.
Right-click the adobe-acrobat key pair and select Permission.
Select the Adobe Acrobat role in the drop-down menu and select [ Add ].
Select the Permission drop-down option next to the Adobe Acrobat role and select Use.
