1. Open the document to which you want to add a timestamp.
Validating digital signatures Part 2
Timestamp a document
Acrobat allows users to add a document timestamp to a PDF without needing an identity-based signature. To timestamp a PDF, a timestamp server is needed. See how to configure a timestamp server.
A timestamp guarantees the authenticity and existence of a document at a specific time and complies with ETSI 102 778 PDF Advanced Electronic Signatures (PAdES) standard.
2. From the All tools menu, select Use a certificate.
3. From the Use a certificate menu on the left, select Timestamp.
4. In the Choose Default Timestamp Server dialog that opens, select a default timestamp server from the list, or add a new default timestamp server.
5. Select Next and then save the document with the timestamp.
Validate a digital signature
If the signature status is unknown or unverified, manually validate it to identify the issue and find a potential solution. In case the signature status is invalid, you must contact the signer to resolve the issue.
For more information about signature warnings, and valid and invalid signatures, see Digital Signature Guide.
You can assess the validity of a digital signature and timestamp by checking the signature properties.
2. Open the PDF containing the signature and then select the signature.
The Signature validation status dialog box describes the validity of the signature.
3. For more information about the Signature and Timestamp, select Signature Properties.
4. In the Signature properties dialog box, review the Validity Summary that may display one of the following messages:
- Signature date/time are from the clock on the signer's computer: The time is based on the local time on the signer’s computer.
- Signature is time-stamped: The signer used a Timestamp Server and your settings indicate that you have a trust relationship with that timestamp server.
- Signature is time-stamped but the timestamp couldn’t be verified: Timestamp verification requires obtaining the timestamp server's certificate to your list of trusted identities. Check with your system administrator.
- Signature is time-stamped but the timestamp has expired: Acrobat validates a timestamp based on the current time. This message is displayed if the timestamp signer's certificate expires before the current time. To accept an expired timestamp, go to the hamburger menu (Windows) or the Acrobat menu (macOS) > Preferences > Signatures > Verification: More... and then in the Signature Verification Preferences dialog box, select Use expired timestamps. It displays an alert message when validating signatures with expired timestamps.
5. For details about the signer’s certificate, such as trust settings or legal restrictions of the signature, select Show signer’s certificate in the Signature properties dialog box.
If the document was modified after it was signed, check the signed version of the document and compare it to the current version.
Validate all digital signatures
1. Open the PDF for which you want to validate all digital signatures.
2. From the global bar in the upper-left, select All tools.
3. From the All tools pane, select Use a certificate > Validate all signature.
4. Select OK in the confirmation dialog box. Once all the signatures are validated. You get a confirmation message.
View previous versions of a digitally signed document
Whenever a certificate is used to sign a document, a signed version of the PDF is created and saved along with the original PDF. The saved versions are in an append-only format, meaning the original PDF can’t be modified. The Signatures panel provides access to all digital signatures and their corresponding versions.
To view previous versions, open the Signature panel and then select Options 
> View Signed Version.
The previous version opens as a new PDF, with the version information and the name of the signer in the title bar. To return to the original document, choose the document name from the Windows® menu.
Compare versions of a signed document
After a document is signed, you can display a list of the changes made to the document after the last version.
To compare the previous versions, open the Signatures panel and then select the signature. Then, select Options > Compare Signed Version To Current Version.
Once you're done, close the temporary document.
Trust a signer’s certificate
To trust a certificate, it must be added to the user's trusted identity list in the Trusted Identity Manager. Also, its trust level must be set manually. End users can exchange certificates or add them directly from signed documents and set their trust levels. However, enterprises may require employees to validate signatures without any manual intervention. Acrobat trusts all certificates that are signed and certified by a trust anchor. Therefore, administrators can preconfigure client installations or allow end users to add a trust anchor. For more information on trusting certificates, see About certificate-based signatures.
Add the certificate of the digital signature to the Trusted Identities list:
Digital signatures that were added using a self-signed certificate can’t be automatically validated by Adobe as the certificate isn’t in the list of Trusted Identities that Adobe uses to validate signatures. A self-signed certificate is a certificate that you’ve generated yourself using a third-party application. You won’t be able to manually validate the signature until the certificate is trusted by Adobe. If you open such a PDF, you’ll see a warning At least one signature has problems.
Caution
For security reasons, Adobe doesn’t recommend adding a self-signed certificate, or any random certificate to the Adobe's list of Trusted Identities.
To add the certificate that was used to apply the digital signature into Adobe’s list of Trusted Identities, do the following:
1. Open the Signature panel.
2. Right-click the signature and then select Show Signature Properties.
3. In the Signature Properties dialog box, select Show Signer's Certificate.
4. In the Certificate Viewer dialog box, select Trust > Add To Trusted Certificates.
5. Select OK.
Sign component PDFs and PDF Portfolios
You can sign component PDFs within a PDF Portfolio, or sign the PDF Portfolio as a whole. Signing a component PDF locks the PDF for editing and secures its content. After signing all the component PDFs, you can sign the entire PDF Portfolio to finalize it. Alternatively, you can sign the PDF Portfolio as a whole to lock the content of all component PDFs simultaneously.
To sign a component PDF, see Signing PDFs. The signed PDF is automatically saved to the PDF Portfolio.
To sign a PDF Portfolio as a whole, sign the cover sheet (View > Portfolio > Cover Sheet). Once you sign the PDF Portfolio as a whole, you can’t add signatures to the component documents. However, you can add more signatures to the cover sheet.
Digitally sign on attachments to component PDFs
You can add signatures to attachments before signing the cover sheet. To do so:
- Open the PDF in a separate window.
- Right-click the attachment and select Open file.
- To view signatures on the PDF Portfolio, navigate to the cover sheet to view the document message bar and signatures pane.
Related Articles
Validating digital signatures Part 3
View signed and certified PDF Portfolios A properly signed or certified PDF Portfolio has one or more signatures that approve or certify the PDF Portfolio. The most significant signature appears in a Signature badge in the toolbar. Details of all ...Validating digital signatures Part 1
What is a digital signature? Digital signatures are a secure and efficient way to electronically sign and authenticate documents, ensuring their authenticity and integrity. By using digital signatures, you can sign documents quickly and easily, and ...Certificate-based signatures Part 2
Set up a roaming ID account A roaming ID is a digital ID that is stored on a server and can be accessed by the subscriber. You must have an Internet connection to access a roaming ID and an account from an organization that supplies roaming digital ...Managing Digital IDs Part 1
Digital IDs FAQ What is a digital ID? A digital ID is like an electronic driver’s license or passport that proves your identity. A digital ID usually contains your name and email address, the name of the organization that issued it, a serial number, ...Managing Digital IDs Part 2
Specify the default digital ID To avoid being prompted to select a digital ID each time your sign or certify a PDF, you can select a default digital ID. 1. In Acrobat, select the hamburger menu (Windows) or Acrobat menu (macOS) and then choose ...