cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Solidifier: how to whitelist by code signing certificate

A customer using Solidifier on Windows 10 is running into problems using our product's installer with Solidifier. The execution of various modules is being denied.  I know it is possible to whitelist specific EXEs and DLLs for Solidifier using file hashes. However, the customer claims it is also possible to whitelist by Code Signing Certificate. Meaning all the files with our Code Signing Certificate are automatically white listed.  I don't know if this is correct, but if so, I can't seem to find any articles on how to do this. What information do I need to provide to the customer? Thanks.

2 Replies
Reliable Contributor bodysoda
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: Solidifier: how to whitelist by code signing certificate

Yes, its possible to use the code signed certificate to whiltelist applications. The ScGetCerts ((<Install_dir>\Tools\ScGetCerts\ScGetCerts.exe) utility is used to extract certificate from a binary file on system where the whitelist needs to be created. 

Note: Application Control supports only X.509 certificates.

See the Application Control Prodcut Gudie for command and usage (Page 36)

McAfee Application Control 7.0.0 Product Guide

 

 

McAfee Employee BEllis
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: Solidifier: how to whitelist by code signing certificate

THere is also a server task in epo. Called "scan a software repository" Where you can specify a share of all your exe's (code) and we can pull the certs and add them to epo automatically.

 

Or you can put a client in observe mode and run the code and the observation should pick it up you can allow it that way.

McAfee Support

Benjamin Ellis

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

MPower Badge Now Available
Customers attending MPower can earn a community badge. Check into the MPower forum and say hi to have the badge awarded to your community profile.