New code-signing certificate for Application Control

Technical Articles ID: KB91662
Last Modified: 2023-12-12 07:14:48 Etc/GMT

Environment

Application and Change Control (ACC) 8.x, 7.x, 6.x

Summary

Recent updates to this article

Date	Update
December 12, 2023	Minor formatting updates; no content changes.

Technical Support has updated its code-signing certificate. All Trellix product binaries released on or after June 21, 2019 are signed with the new certificate. We've added the new certificate as a trusted publisher to make sure that proper functionality of our products is maintained on systems protected by ACC.

Solution

Technical Support is investigating this issue. As a temporary measure, implement the following workaround.

Workaround

Use the following workaround.

Automatic steps for ePolicy Prchestrator (ePO)-managed systems
Only an ePO administrator can perform these steps.

Solidcore Rules

Download and extract the Trellix Publisher rule groups file attached to this article.
Go to Configuration, Solidcore Rules.
Click Import.
Select the previously extracted Trellix Publisher rule groups XML file and choose the Overwrite duplicate groups option.
Click OK.
After import, examine the server task log and verify that the import is successful.
Use an existing (or create) a server task "Solidcore: Rule Group Sanity Check" and verify the results.

Application Control Rules (Windows) - Trellix Application (Trellix Default)
If any endpoint has the Trellix Applications (Trellix Default) policy assigned, force the policy update on that endpoint using the Wake Up Agents button.

Application Control Rules (Windows) - Custom policy

If any endpoint has assigned any custom policy that contains the Trellix Publisher rule group, force a policy update on that endpoint using the Wake Up Agents button.
Suppose that an endpoint has assigned any custom policy. If the Trellix applications default policy or Trellix Publisher rule group isn't assigned to any policy, then:
1. Add the Trellix Publisher rule group to your Custom Policy.
2. Apply these policies to the endpoints.

To apply to systems with Standalone Installations of Application Control only:

Download and save the archive that's attached to this article.
To put ACC in Update mode, run the command sadmin bu.
Place the certificate files into the directory C:\Program Files\McAfee\Solidcore\Certificates.
Register the certificate files by running the following commands:

sadmin cert add -u "C:\Program Files\McAfee\Solidcore\Certificates\McAfeeLLC.SHA1.cer"

sadmin cert add -u "C:\Program Files\McAfee\Solidcore\Certificates\McAfeeLLC.SHA256.cer"

sadmin cert add "C:\Program Files\McAfee\Solidcore\Certificates\McAfeeINC.SHA1.cer"

sadmin cert add "C:\Program Files\McAfee\Solidcore\Certificates\McAfeeINC.SHA256.cer"
sadmin cert add -u "C:\Program Files\McAfee\Solidcore\Certificates\McafeeSectigo2021.cer"

Run the command sadmin cert list and see if the certificate files are registered successfully.
Switch Application Control back into Enable mode by running the command sadmin eu.

Attachment 1

Certif_McAfee_9-23-22.zip
7K • < 1 minute @ broadband

Attachment 2

Mcafee_Publisher_Q32021.zip
10K • < 1 minute @ broadband

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

New code-signing certificate for Application Control

Environment

Summary

Solution

Workaround

Attachment 1

Attachment 2

Affected Products

Languages:

Title

Title

Knowledge Center

New code-signing certificate for Application Control

Environment

Summary

Solution

Workaround

Attachment 1

Attachment 2

Affected Products

Languages:

Choose your region

Title

Title