A customer using Solidifier on Windows 10 is running into problems using our product's installer with Solidifier. The execution of various modules is being denied. I know it is possible to whitelist specific EXEs and DLLs for Solidifier using file hashes. However, the customer claims it is also possible to whitelist by Code Signing Certificate. Meaning all the files with our Code Signing Certificate are automatically white listed. I don't know if this is correct, but if so, I can't seem to find any articles on how to do this. What information do I need to provide to the customer? Thanks.
Yes, its possible to use the code signed certificate to whiltelist applications. The ScGetCerts ((<Install_dir>\Tools\ScGetCerts\ScGetCerts.exe) utility is used to extract certificate from a binary file on system where the whitelist needs to be created.
Note: Application Control supports only X.509 certificates.
See the Application Control Prodcut Gudie for command and usage (Page 36)
THere is also a server task in epo. Called "scan a software repository" Where you can specify a share of all your exe's (code) and we can pull the certs and add them to epo automatically.
Or you can put a client in observe mode and run the code and the observation should pick it up you can allow it that way.
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?