Difference between revisions of "BCX Software CA Installer"
(Created page with " ==Code Signing== Executables and scripts can be signed digitally to both guarantee that code has not been tampered with, and to prove the publishers identity. Burconix supp...") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 16: | Line 16: | ||
Burconix provides a Tool which can be run on a DC from: | Burconix provides a Tool which can be run on a DC from: | ||
− | '''\\bcxmaster\c$\Program Files | + | '''\\bcxmaster\c$\Program Files\Tools\BCXSoftwareCAInstaller\BCXSoftwareCAInstaller.exe''' |
This has several options as shown below: | This has several options as shown below: | ||
Line 27: | Line 27: | ||
This option must be run from a DC. | This option must be run from a DC. | ||
+ | |||
+ | Options 2-4 may be run on any station – They can Verify /Add/Remove the certificate locally, and can be useful in testing a deployment before creating the GPO with option 1. | ||
[[File:bcx ca gpo.png|link=]] | [[File:bcx ca gpo.png|link=]] | ||
− | |||
− | |||
− | |||
==FAQ== | ==FAQ== |
Latest revision as of 13:59, 21 May 2021
Code Signing
Executables and scripts can be signed digitally to both guarantee that code has not been tampered with, and to prove the publishers identity.
Burconix supplied code that requires admin privileges is electronically signed with a certificate to enable validation via UAC.
Once the certificate is installed on your network, the code’s integrity will be verified as “Burconix Ltd Software” as the certified publisher.
Installing the Burconix Certificate to your Domain
Burconix provides a Tool which can be run on a DC from:
\\bcxmaster\c$\Program Files\Tools\BCXSoftwareCAInstaller\BCXSoftwareCAInstaller.exe
This has several options as shown below:
Option 1 will create a new GPO, shown below, and automatically deploy the Burconix certificate to all servers and stations on your network.
This option must be run from a DC.
Options 2-4 may be run on any station – They can Verify /Add/Remove the certificate locally, and can be useful in testing a deployment before creating the GPO with option 1.
FAQ
The certificate use is issued for code signing only, and cannot be used to validate/spoof websites.
Once added to Group Policy, it may take up to 30 mins to propagate around your network. Endpoints may require a gpupdate or reboot to acquire the certificate.
All software signed by this certificate will show the publisher as “Burconix Ltd Software”
Return to Contents page