Whitelist SecOps Solution Code Signing Public Certificate in a Windows System

Overview

To ensure that scripts signed with SecOps Solution Code Signing Certificate can execute without interruption, you need to whitelist the certificate on the target Windows system. This involves adding the certificate to specific certificate stores and configuring the script execution policy.

1. Download the Public SecOps Code signing Certificate.
   

1. Locate your SecOps Code Signing Certificate file.

2. Double-click the certificate file to open the Certificate window.

3. Click Install Certificate.

4. Choose Local Machine and click Next.

5. Select Place all certificates in the following store, then click Browse.

6. Choose Trusted Root Certification Authorities and click OK.

7. Click Next and then Finish to complete the installation.

1. Double-click the certificate file again to open the Certificate window.

2. Click Install Certificate.

3. Choose Local Machine and click Next.

4. Select Place all certificates in the following store, then click Browse.

5. Choose Trusted Publishers and click OK.

6. Click Next and then Finish to complete the installation.

By default, PowerShell restricts script execution. To enable the execution of signed scripts:

1. Open PowerShell as an administrator.

2. Check the current execution policy:
   Get-ExecutionPolicy

3. If it is not set to RemoteSigned, configure it by running:
   Set-ExecutionPolicy RemoteSigned

4. Confirm the change if prompted.

Notes

• Whitelisting the SecOps Code Signing Certificate ensures that the system trusts scripts and executables signed with this certificate.
  
• Setting the execution policy to RemoteSigned ensures that all remote scripts must be signed by a trusted publisher, enhancing security.