Easy2Patch v4.0
Easy2Patch v4.0
  • Infrastructure Documents
  • Overview
    • What is Easy2Patch?
    • Request a new 3rd Party Applications
    • FAQs
    • Road Map
    • Version Compare
    • Licensing
  • Planning
    • POC Requirements for Easy2Patch 3.1
    • POC Requirements for Easy2Patch 4.0 Web Edition
    • Supported Configurations
    • Windows Operating System Requirements
    • SQL Server Requirements
    • Other Requirements
    • Network Considerations
    • Antivirus Exclusion List for Easy2PatchV3
    • Design
      • Update & Application & Intune (Server Deployment)
      • Standalone WSUS Deployment
      • Standalone Intune Deployment
  • Deployment
    • Installing WSUS Console
    • Installing SCCM Admin Console
    • Installing IIS Component for Easy2Patch 4.0
    • Configuring Intune Application Registration
    • Getting Code-Signing Certificate
    • Installing Easy2Patch 3.1
      • Upgrading to Easy2Patch 3.1.10
      • Licensing Easy2Patch 3.1
    • Installing Easy2Patch 4.0
      • Upgrading Easy2Patch 4.0
      • Easy2Patch Backup & Restore
      • Licensing Easy2Patch 4.0
  • Configuring
    • SSL Configuration in WSUS for 3rd Party Update
    • Configuring ConfigMgr for 3rd Party Updates
    • Easy2Patch 3.1 Settings
      • General
        • Certificate Management
        • Backup Settings
          • Restore Easy2Patch 3.x
        • General Settings
        • Application Deployment
        • Intune Deployment
        • Maintenance
      • Notification
        • E-Mail
        • Telegram
          • Creating a Telegram Bot
          • Telegram Chat ID
      • SCCM / WSUS / INTUNE
        • WSUS Settings
        • SCCM Settings
        • Database Settings
        • Intune Settings
      • Proxy
    • Easy2Patch 4.0 Settings
      • Migrate from Easy2Patch 3.x
      • General Settings
        • General
        • Identity
          • Active Directory
          • EntraID
            • Required Permissions for EntraID
        • Proxy
        • Log
        • Maintenance
        • Login
      • Deployment Settings
        • Process Conflict
        • Update
        • Application Deployment
        • Intune Deployment
        • Defender
      • Connection Settings
        • Database
        • SCCM
        • WSUS
        • Intune
      • Managements
        • Role
        • License
        • Certificate Management
      • Alert Settings
        • Notification
          • E-Mail
          • Telegram
            • Creating a Telegram Bot
            • Telegram Chat ID
            • Telegram Setting
        • Alerts
        • Recipients
  • Managing Easy2Patch
    • Easy2Patch 3.1
      • Update
      • Application Deployment
      • Intune Update
      • Intune Application
      • License Management
    • Easy2Patch 4.0
      • Dashboard
        • WSUS
        • SCCM
        • Intune
      • Update
        • Application Custom Settings
        • WSUS Maintenance
        • Side Menu
      • Application
        • Application Deployment Right Click Menu
        • Application Custom Settings
        • SCCM Maintenance
        • Side Menu
      • Intune Update
        • Intune Update Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • Intune Application
        • Intune Application Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • CVE List
      • Schedule
      • Reporting
        • Update Status
  • Troubleshooting
    • Schema files not found!
    • Failed to sign package
    • Fixing 500.19 web.config error
    • Securing Windows Server
Powered by GitBook
On this page
  • Create Code-Signing Certificate Template
  • Request Code-Signing Certificate
  • Installing Code Signing Certificate

Was this helpful?

  1. Deployment

Getting Code-Signing Certificate

Scope: Easy2Patch (All Versions)

PreviousConfiguring Intune Application RegistrationNextInstalling Easy2Patch 3.1

Last updated 10 months ago

Was this helpful?

Create Code-Signing Certificate Template

To create a Code Signing certificate template in Windows Server Certification Authority, follow these steps:

  1. Open the Certification Authority snap-in on your Windows Server.

  2. Right-click the Certificate Templates folder, and select Manage.

  3. In the Certificate Templates console, right-click Code Signing, and select Duplicate Template.

  4. In the Duplicate Template dialog box, select Windows Server 2003 Enterprise as the template type.

  5. In the General tab of the Properties dialog box, enter a unique name for the new template, such as "Code Signing 2019".

  6. In the Request Handling tab, select "Allow private key to be exported".

  7. In the Subject Name tab, select "Supply in the request".

  8. In the Extensions tab, select "Application Policies" and click Edit.

  9. In the Application Policies Properties dialog box, select "Code Signing" and click OK.

  10. In the Security tab, add the appropriate users or groups who will be able to enroll for this certificate template.

  11. Click OK to save the template.

  12. Right-click the Certificate Templates folder, select New, and select Certificate Template to Issue.

  13. In the Enable Certificate Templates dialog box, select the new Code Signing certificate template that you just created.

  14. Click OK to close the dialog box.

After completing these steps, the Code Signing certificate template will be available for users or groups to enroll and obtain a code signing certificate from your Certification Authority.

Request Code-Signing Certificate

To request a code signing certificate from a Windows Server Certification Authority (CA), you can follow the steps below:

  1. Open the Certificates snap-in for the Microsoft Management Console (MMC). You can do this by pressing the Windows key + R on your keyboard, typing "certlm.msc" in the Run dialog box, and pressing Enter.

  2. Click Personel then select Certificates in Local Machine certificate repository.

  3. Right click Certificates folder,

  4. Select All Tasks > Request New Certificate

  5. In the Certificate Enrollment wizard, select "Active Directory enrollment policy".

  6. Select "Code Signing" as the certificate template (as previously created template) and click Next.

  7. Click More Information link,

  8. In the Certificate Information window, provide the required information for the certificate, such as the Common Name and Organization.

  9. Click the Details button to specify any additional information that you want to include in the certificate request, such as the Key Usage and Extended Key Usage.

  10. Click Next to continue.

  11. Submit the certificate request file to the Windows Server Certification Authority.

Note: The steps may vary slightly depending on the version of Windows Server you are using.

Installing Code Signing Certificate

General steps to import a code signing certificate to a local machine repository:

  1. Open the Microsoft Management Console (MMC) by typing "mmc" in the Windows search bar and pressing Enter.

  2. Click on "File" in the top left corner and select "Add/Remove Snap-in".

  3. Select "Certificates" and click on "Add".

  4. Choose "Computer account" and click on "Next".

  5. Select "Local computer" and click on "Finish".

  6. Click on "OK" to close the Add/Remove Snap-in window.

  7. Expand the "Certificates (Local Computer)" folder and right-click on "Personal".

  8. Select "All Tasks" and then "Import".

  9. Follow the import wizard to browse and select the code signing certificate file and complete the import process.

  10. After the import is completed, the code signing certificate should be available in the local machine repository under the "Personal" folder.

Note: The exact steps may vary depending on the operating system and version of the MMC being used. It is also important to ensure that the code signing certificate is valid and issued by a trusted Certificate Authority (CA).

The Code-Signing certificate to be used must be located under LocalComputer\My (Personnel). Therefore, it should not be continued without importing into this repository.