Author Topic: PKI Certificate for Third-Party Update Code-Signing in SCCM  (Read 3906 times)

Offline Justin Chalfant

  • Patch My PC Support
  • Administrator
  • Hero Member
  • *****
  • Posts: 2153
    • View Profile
    • Patch My PC Support
PKI Certificate for Third-Party Update Code-Signing in SCCM
« on: December 28, 2018, 01:34:06 PM »


Overview

  • In this video guide, we will cover how you can use a code-signing certificate from an Active Directly Certificate Services infrastructure or using a public certificate authority such as DigiCert for signing third-party software updates in Microsoft System Center Configuration Manager (SCCM). Using a trusted PKI based code-signing certificate can be an alternative to using a self-signed certificate.

Topics in Video

Helpful Resources:


Offline RaslDasl

  • Newbie
  • *
  • Posts: 1
    • View Profile
Re: PKI Certificate for Third-Party Update Code-Signing in SCCM
« Reply #1 on: October 17, 2019, 09:35:52 PM »
What would be the reason to use a PKI cert rather than letting SCCM create and manage the cert?

Offline Justin Chalfant

  • Patch My PC Support
  • Administrator
  • Hero Member
  • *****
  • Posts: 2153
    • View Profile
    • Patch My PC Support
Re: PKI Certificate for Third-Party Update Code-Signing in SCCM
« Reply #2 on: October 18, 2019, 07:45:14 AM »
PKI is generally considered a little more best-practice since certs are issues from a trusted CA and can be more easily revoked. Here are some resources that may be helpful

https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/
https://en.wikipedia.org/wiki/Self-signed_certificate