Troubleshooting

• Please make sure you've entered the correct username and password. Note: you are only allowed five (5) login attempts. If you've reached 5 failed login attempts, your account will be locked.

• If it's your first time to login, you may copy and paste the username and password from the email notification. The username and password should not have extra spaces and please be reminded that the password is alphanumeric.

• If you've already changed your password but forgot the new password, you may use the Forgot Password link in the PNPKI Self-Service Portal login page to reset your password. If your account is already locked, you will not be able to use this successfully, please inform us if this is the case.

You may request for password reset via the Self-Service Portal Forgot Password link: https://govca.npki.gov.ph/SecureTMSSelfSrv/recovery.jsp. Please note that you can only successfully reset your password if your account is not Locked (after 5 failed login attempts) or Dormant (no account activity for more than 180 days).

Send us an email using your registered email address if you need further assistance such as reactivating your account or manual reset of your password.

You have encountered this problem because you are requesting for USERGENERATED (create browser certificate) token type but your current browser does not support key generation.

Please request for token type P12 (select RSA and key size 2048 if not sure which to select).

If you intend to proceed with USERGENERATED (create browser certificate), please use Firefox ESR version 68.x or lower to request your certificate because other browsers may not support the user generation of key pairs for your digital certificate.

Don't worry. The message only means that you have a pending certificate request for approval. You may ignore it. You will also receive an email notification containing the p12 password once your certificate has been issued.

The message means that the private key corresponding to the requested digital certificate is not found in your Firefox browser and is encountered when you have selected USERGENERATED (create browser certificate) when requesting for certificate. This is usually caused by the ff.:

• A different browser and/or computer was used to request the certificate.

If this is the case, please install the certificate from the same browser (not updated or re-installed) and computer you've used to request it.

• Your Firefox browser was re-installed or updated.

If this is the case, your private key may already be deleted from your browser/computer. You may request for a new certificate. Kindly submit the signed revocation request form for your previously issued certificates stating the reason.

• You have already installed the certificate before then deleted the certificates from the Certificate Manager.

If this is the case, please use your certificate backup file (.p12 file) because the private key can no longer be found in the browser. If you don't have a backup file, you may request for a new certificate. Kindly submit the signed revocation request form for your previously issued certificates stating the reason.

This means that only your certificate is being downloaded and it is not being bound to private key.

This is encountered when you have selected USERGENERATED (create browser certificate) when requesting for certificate. This is usually caused by the ff.:

• A different browser and/or computer was used to request the certificate.

If this is the case, please install the certificate from the same browser (not updated or re-installed) and computer you've used to request it.

• Your Firefox browser was re-installed or updated.

If this is the case, your private key may already be deleted from your browser/computer. You may request for a new certificate. Kindly submit the signed revocation request form for your previously issued certificates stating the reason.

• You have already installed the certificate before then deleted the certificates from the Certificate Manager.

If this is the case, please use your certificate backup file (.p12 file) because the private key can no longer be found in the browser. If you don't have a backup file, you may request for a new certificate. Kindly submit the signed revocation request form for your previously issued certificates stating the reason.

Because the PNPKI Root CA certificate is not automatically included in the Adobe Trusted List, the signer and also the recipients should manually add the CA certificate to Adobe's Trusted List. This is only done one-time per device used.

Kindly review the manual on how to add the certificate to Adobe Trusted List, specifically, "Adding PNPKI Root Certificate to Adobe's Trusted Certificates" (page 9 onwards):

Digitally Signing PDF with Adobe Reader

The warning appears when you add timestamp separate from the digital signature.

However, you can check that a timestamp will be added to your digital signature (instead of computer's clock time) now that you've setup the timestamp configuration.

You have encountered this error because the file you are signing might be corrupted. Please generate a new PDF file or request a new file from the originator.

You are encountering this error because you may be have typed the wrong timestamp URL. Please check if the timestamp URL begins with http://

Timestamp URL: http://govca.npki.gov.ph:8442/signserver/tsa?workerName=TimeStampSigner

You are encountering this error due to a server-related problem.

For the meantime, you may proceed with signing by disabling CRL embedding, by unchecking "Include signature's revocation status" in Edit (Windows) / Acrobat Reader (MacOS) > Preferences > Signatures > Creation&Appearance

If you can no longer retrieve your certificate (p12) file, you will need to request for a new certificate. Kindly submit the revocation form for your previously issued certificate.