When Adobe Reader XI 184.108.40.206 was released there was suddenly a new pop-up once you open Adobe Reader for the first time, and had settings in the profile from an older Adobe Reader X installation.
The message reads;
Trusted certificates from your previous version of Adobe Reader were found. Would you like to import them?
Any certificates that are not imported in this step will not be available in this version of Adobe Reader.
Adobe calls this the Addressbook and apparently this specific feature is the Addressbook Import.
There is a setting within the Windows Registry reference (under Security –> Addressbook Import) that documents three options an administrator can make to avoid having this nagging users.
The setting is “iImportAddressBook” and has three options;
- 0: Do not copy the old address book. The user is NOT prompted and the address book should NOT be installed.
- 1 or null: Default: The user is asked whether the address book should either be installed or not.
- 2: Import the address book silently.
To suppress this message, and silently import the address book you can set it the suggested DWORD-value to 2. It would look something like this;
Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\11.0\Security\cDigSig] "iImportAddressBook"=dword:00000002
If you need this to be part of the deployment the suggestion is to add this value as part of the Registry. Recommended approach is to use Adobe Customization Wizard XI – if using the Adobe supported editor the registry key will be part of their custom MSI table EnterpriseRegistries.
2 thoughts on “Adobe Reader Security – Trusted certificates”
Adobe Reader XI 220.127.116.11 was released there was suddenly a new pop-up, how to block it?
Nice post about reader security trusted certificate. I really appreciate this post.