Digitally Sign for AppLocker

We use AppLocker in a whitelist capacity. This means that only certain folders, publishers, etc., can run on our PCs. For obvious reasons, the AppData folder in the local user profile cannot be a folder-level exception, as malware commonly writes there.

 

In order to use Board auto-update, we would like to have the BoardWinClient.exe digitally signed in the future so that we can trust the Board publisher entirely. Is that possible?

Answers

  • It seems the installation package (the *.msi file) has the digital signature, but not the files that are then placed in app data.

     

    Does anyone know if the digital signature can be propagated to all components?
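
The gap described in this thread (a signed *.msi whose installed files are not signed) can be confirmed on a test machine before writing a publisher rule. The PowerShell below is an added example, not part of the thread and not Board's own tooling; the install folder is a placeholder that must be set to the real location, and the user name passed to the policy test is an assumption.

```powershell
# Added example: inventory Authenticode status of an installed client's binaries
# and show how the effective AppLocker policy treats its executables.
param(
    # Assumption: placeholder path, replace with the folder the client installs into.
    [string]$InstallDir = "$env:LOCALAPPDATA\<client-install-folder>",
    # Assumption: account or group to evaluate the policy for.
    [string]$User = 'Everyone'
)

$files = Get-ChildItem -Path $InstallDir -Recurse -File |
    Where-Object { $_.Extension -in '.exe', '.dll' }

if (-not $files) {
    Write-Warning "No .exe or .dll files found under $InstallDir"
    return
}

# One row per binary: signature status and, if signed, the signer subject.
$report = foreach ($f in $files) {
    $sig = Get-AuthenticodeSignature -LiteralPath $f.FullName
    [pscustomobject]@{
        File   = $f.FullName
        Status = $sig.Status   # Valid, NotSigned, HashMismatch, ...
        Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    }
}
$report | Sort-Object Status, File | Format-Table -AutoSize

# A publisher rule can only match files with a valid signature; anything listed
# here would need a hash or path rule, or a signed build from the vendor.
$notCovered = $report | Where-Object { $_.Status -ne 'Valid' }
"{0} of {1} binaries cannot match a publisher rule" -f @($notCovered).Count, @($report).Count

# Evaluate the executables against the policy currently in effect on this PC.
$exePaths = ($files | Where-Object { $_.Extension -eq '.exe' }).FullName
if ($exePaths) {
    Get-AppLockerPolicy -Effective |
        Test-AppLockerPolicy -Path $exePaths -User $User |
        Select-Object FilePath, PolicyDecision, MatchingRule |
        Format-Table -AutoSize
}
```

If BoardWinClient.exe shows `NotSigned` here, a publisher rule for the vendor will not allow it regardless of how the *.msi was signed, because AppLocker evaluates the signature on each file it is asked to run.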