Loading...

Knowledge Center


Binary is signed by a certificate, but an ‘Allow by Certificate’ rule cannot be created
Technical Articles ID:   KB85696
Last Modified:  9/24/2015

Environment

McAfee Application Control (MAC) 7.0.x

Problem

An Allow by Certificate rule cannot be created even though the binary is signed by a certificate.

Solution

There are a couple of possible causes/solutions:
  • The associated certificate is not an Embedded certificate.

    To allow the certificate, go to Menu, Application Control, Policy Discovery, Policy Discovery Details page. In the Request Details section, click the Lookup in TIE link and set the certificate reputation.

    Alternatively, you can search for the certificate hash under TIE Reputation, Certificate Search tab to set the certificate reputation.
     
  • The associated certificate is present in the Restricted Publisher Names list.

    It is not recommended to change the Restricted Publishers list. To view the list, go to Menu, Configuration, Server Settings, Solidcore, Restricted Publisher Names.

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.