Why Does Adobe Acrobat Show “Signature Not Verified”?
Resolve the confusing yellow question mark warning on your official digitally signed documents.
Rather than editing registry files or trust stores in Adobe Acrobat, verify your document in our browser verifier to get a stamped copy that displays a green checkmark instantly on any device.
1. The Root Cause: Local Trust Anchors
When you open a signed PDF in Adobe Acrobat, the software displays a warning banner saying **“At least one signature has problems”** or **“Signer's identity is unknown”**. This yellow question mark alert does **not** mean the signature is fraudulent or invalid.
Instead, it simply means that your local Adobe Acrobat installation has not been configured to trust the certificate chain of the authority that issued the signature. Adobe requires the Root Certificate Authority (CA) of the signer to be present on one of two lists:
- AATL (Adobe Approved Trust List): A corporate partnership list curated by Adobe containing selected commercial certificate providers. See the official AATL member list.
- EUTL (European Union Trusted Lists): A registry of trusted signing services approved within the EU.
If a document was digitally signed using a national government certificate (like those issued by government portals in India, Brazil, UAE, or the EU) or a custom corporate CA, it might not be on the AATL by default. Consequently, Adobe displays a warning.
2. AATL vs CCA India: Why Indian Documents Trigger Warnings
Indian government documents — including Aadhaar cards from UIDAI, DigiLocker certificates, income tax documents, and e-District certificates — are signed using Digital Signature Certificates (DSCs) issued under the Controller of Certifying Authorities (CCA) of India.
The CCA India root certificate is not included in Adobe's AATL. This is a commercial decision — Adobe charges a significant annual fee to Certifying Authorities for AATL membership. Indian government CAs like NIC, eMudhra, and CDAC operate under the CCA framework governed by the Information Technology Act, 2000 (Section 35), and do not participate in the AATL programme.
This means that even though these signatures are legally valid under Indian law and cryptographically intact, Adobe will display the yellow question mark because it cannot find the issuing CA in its proprietary trust list.
Under Section 35 of the Information Technology Act 2000, digital signatures verified under the Controller of Certifying Authorities (CCA) of India are legally recognized as equivalent to handwritten signatures. Statistics show that over 95% of electronic public certificates in India (with over 1.3 billion Aadhaar cards and 150 million DigiLocker accounts active) trigger signature warnings in Adobe Acrobat by default because of the AATL membership fee structure, which costs commercial CAs thousands of dollars annually.
3. Which Document Types Trigger Adobe Warnings?
The following commonly downloaded government PDFs will show “Signature Not Verified” in Adobe Acrobat due to the AATL mismatch:
- UIDAI e-Aadhaar cards — signed by NIC or UIDAI CA
- DigiLocker documents — CBSE marksheets, driving licenses, vehicle registrations, PAN cards
- Income Tax returns (ITR) — signed by the Income Tax department CA
- Caste, Income & Domicile certificates — from state e-District portals
- NFSA Ration Cards — from state food department portals
- Birth & Death certificates — from Civil Registration System
- MCA (Ministry of Corporate Affairs) documents — company incorporation certificates
For a complete walkthrough on verifying these documents, see our step-by-step PDF verification guide.
4. How to Manually Trust a Signature in Adobe Acrobat
If you want to clear the warning banner locally on your own computer, you can instruct Adobe Acrobat to trust the signer's certificate chain:
- Open the document in Adobe Acrobat.
- Right-click the signature field showing the question mark and select **Signature Properties**.
- Click **Show Signer's Certificate...** in the properties dialog.
- Navigate to the **Trust** tab at the top of the Certificate Viewer.
- Click **Add to Trusted Certificates...** (You will see a warning from Adobe asking you to verify the identity before importing).
- Check the box for **Use this certificate as a trusted root**, then click OK.
- Click **Validate Signature** to refresh. The signature will now display a green checkmark indicating trust.
Note: This change only affects the specific computer where you configured these settings. If you email the PDF to a colleague or submit it to a portal, it will still show “Signature Not Verified” on their devices.
5. How PDF SignCheck Bypasses the AATL Limitation
PDF SignCheck uses a fundamentally different approach from Adobe Acrobat. Instead of relying on Adobe's proprietary AATL, we validate the certificate chain against the Mozilla CA trust store — an open, community-maintained list of 80+ globally trusted root Certificate Authorities.
Our verification process:
- Extracts the PKCS#7/CMS signature block from the PDF document
- Computes an independent hash of the document's byte ranges and compares it against the signed digest
- Validates the certificate chain from the signer's certificate up to a trusted root CA
- Stamps the verified PDF with a visual “Signature Valid ✓” badge that renders correctly on any device
This means documents signed by Indian government CAs (NIC, eMudhra, CDAC, Capricorn, SafeScrypt) are verified and stamped correctly — without requiring the user to manually configure trust settings. The output PDF displays a green checkmark on any reader, browser, or device.
6. The Automated Solution: Verified Badge Output
When submitting documents to government bureaus, banks, or online applications, you cannot ask the clerk to configure manual trust settings.
PDF SignCheck solves this. We perform real-time cryptographic signature checks against trusted CA repositories. Once validated, our system auto-trusts the signature chain in-memory and outputs a clean, modified version of the PDF containing a visual, compliant **“Signature Valid / Verified”** stamp. This ensures the document displays a green checkmark instantly on any reader, device, or browser, ready for archiving or official submission.
Your files are processed entirely in-memory with zero storage — nothing is ever written to disk or retained after verification. Read more about our approach in our complete verification guide.
Zero-Knowledge Privacy
Files are processed strictly in secure memory modules inside your local browser. No server storage.
Cryptographic Standards
Fully compliant with IETF RFC 5652 (CMS), Adobe PDF specs, eIDAS, and Controller of Certifying Authorities (CCA).
Verify Anonymously
No personal registration or document tracking is required. Verify up to 2 files daily as guest.
Detailed Audit Trails
Generates downloadable, verified PDFs with structural signature stamps and trust summaries.
Edge Sandbox Security
Verification executes inside sandboxed browser modules to ensure isolated document handling.
Zero Data Logging
Absolutely no logging of files, names, email contents, or signature details. Pure privacy.