This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Rikki
Participant
‎2024-01-10 03:30 AM

Endpoint Client Custom Software Signatures Problem

Hello,

 

So we're utilising the Harmony solution to download and deploy endpoint packages using inTune/WDAC (Windows Defender Application Control) simply we would like to upload our own custom certificate to Harmony portal to apply to our downloaded packages. 

What we're facing is when trying to upload a certificate (Policy > Export Package > End Point Client) in the Software Signatures. Has anyone actually been able to do this? Because no matter what certificate we've used it hasn't been able to import the certificate. We did also try to deploy the certificates and using SmartConsole connecting to the Harmony management address, but it still fails.

The error doesn't provide any feedback why, furthermore the documentation just suggest a self signed certificate (from our PKI infra), which we've done also TAC have suggested that's all that it needs to be. 

 

We're already working with our support partner who have a ticket open with TAC but we're making no grounds there, the ticket has been open for almost 6 months and even speaking with the main Dev. 

 

Wonder if anyone might be able to shed some light on this, hoping it's going to be something simple in the end.

just another IT body
Preview file
43 KB
0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2024-01-10 12:49 PM

Hi, can you send me the relevant SR(s) in a PM?
I'll have someone take a look at this.

0 Kudos
Rikki
Participant
‎2024-01-24 09:27 AM
In response to PhoneBoy

Okay so it turns out that you have to issues and sign the certificate from the cert authority server. Seems a bit odd to have to do it that way. I've not got round to doing this as of yet.  It seems our partner already closed the ticket with CheckPoint anyway. 

Thank you for the response, appreciated 

just another IT body
0 Kudos
Rikki
Participant
‎2024-02-06 01:35 AM
In response to PhoneBoy

Okay, so it appears that a self signed cert still isn't working. I've asked for the ticket to be re-opened with our partner three times and they're not responding. What I've asked for is if they could elaborate on what exact attributes the cert needs. 

just another IT body
0 Kudos
PhoneBoy
Admin
Admin
‎2024-02-06 11:09 AM
In response to Rikki

Please send me the relevant SRs with Check Point in a PM.

0 Kudos
Rikki
Participant
yesterday
In response to PhoneBoy

sorry to only just get back to you. But it transpired that the product was indeed non-functional as they expected. on the backend it kept signing with the incorrect certificate. They did really test the feature I guess but it is working now. 

just another IT body
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events