Impact of Adobe Root CA certificate expiration on Reader Extended PDFs

This page addresses the concerns with Reader Extended PDFs in Adobe Acrobat and Acrobat Reader after the Root CA certificate expires on January 7, 2023.


Adobe leverages a PKI (public key infrastructure) to issue digital certificates for use in licensing and feature enablement. Adobe-issued certificates under the Certificate Authority (CA), ICA and EE are scheduled to expire on January 7, 2023. It will lead to the expiration of all certificates issued under this certificate authority.

Adobe Root CA is the root certificate for some certificates used by Adobe Acrobat and Acrobat Reader. Acrobat Reader uses Adobe-issued certificates to enable extended use rights in certain workflows. With the November 2022 release of Adobe Acrobat and Acrobat Reader, Adobe has updated the applications to use the new 'Adobe Root CA 2' root certificate. 

Creation of Reader Extended PDFs from Adobe Acrobat

Adobe Acrobat uses a certificate issued by 'Adobe Root CA' to sign Reader Extended PDFs. This certificate can no longer be used to create new Reader Extended PDFs post its expiry on January 7, 2023. The November 2022 update of Adobe Acrobat (Continuous and Classic track) creates Reader Extended PDFs using a new certificate issued by ‘Adobe Root CA 2’. Adobe recommends users update to the latest version of Acrobat (November 2022 update or later) to continue using this functionality post-January 7, 2023.

Consumption of Reader Extended PDFs in Acrobat Reader

Reader Extended PDFs will continue to function as they did before and after 'Adobe Root CA' expires on January 7, 2023 in all the latest versions of Acrobat Reader from the Continuous and Classic tracks. Users don't need to make changes to their existing Reader Extended PDFs or take any other action with respect to the ‘Adobe Root CA’ expiry before January 7, 2023.

Get help faster and easier

New user?