I have two digital certificates added to the Solidcore configuration, one configured as updater and the other with execute permission only. I am using these two certificates to sign the *.msi files.
I am unable to find any difference between these two certificates when a MSI file is installed and uninstalled. Solidcore adds all files installed by these two msi into the whitelist and when uninstalled removes them from the whitelist.
Can anyone tell me the difference between these two certificates with respect to msi ?Message was edited by: sagarmc004 on 1/7/14 4:00:44 AM CST
Installers and Updaters are slightly different,
Updaters are authorized components that are permitted to update the system, make changes to a protected file. By signing the MSI with and updater approved trusted cert you are overriding the pkg-ctrl permitting the MSI to make changes to the system.
Allow execute would normally be used to whitelist in house applications to permit a binary to execute.