It seems impossible to sign a pdf document with a Cacert client certificate.
When signing or reading an already signed document, Adobe Reader downloads the CRL file (Certificate Revocation List) from the Cacert site (http://crl.cacert.org). This download has to be aborted because it takes too much time.
How to solve this problem ?
The first method of authentication, OCSP, seems unsuccessful so the program downloads the CRL.
Below is a log of Adobe reader, which shows the OSCP check and after that the CRL check :
20161117160149Z: Validating cert graph with 1 chains