App Control: Will Disabling the "Expired Certificates" Setting Revoke Existing Approvals?
Article ID: 289754
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Will disabling the "Allow approval of software with expired certificates" setting, found under Configuration > System Configuration > Advanced Options, revoke previously issued Approvals for files signed with an expired certificate?
Environment
App Control Console: All Supported Versions
App Control Agent: All Supported Versions
Resolution
No. If a file was Locally Approved by a Publisher with an expired certificate while this setting was enabled, it will remain Locally Approved after the setting is disabled.
After disabling this setting, new files using expired certificates whose verifiable timestamp is within the certificate validity period will no longer be issued Publisher Approvals.
Additional Information
Making a change to this setting will cause all Publishers to be re-evaluated.
This setting has no effect on bans of Publishers.
If the timestamp is missing, invalid, or is not within the certificate validity period, then the software cannot be Approved by Publisher.