ADCS vs. self-signed certificates
Posted on 2013-06-12
I am at a cross road with our Digital Signature project. Our goal is to provide the ability to digitally sign in-house PDFs. The PDFs will not leave the organization.
Solution #1: I have installed and configured Active Directory Certificate Services and have been working out a problem with publishing the Delta CRL. This solution is still dysfunctional.
Solution #2: Another suggestion was made that I use self-signed certificates, created by Adobe, and placed on protected shares accessible to the various groups within our organization. When a PDF needs a signature the user may select his/her .pfx from the share & authenticate identify with password.
My question are:
1. Which method is preferred? I suspect #1 is more secure.
2. Is solution #2 a legitimate option?
3. What is your experience with either solution?
Thank you kindly