Creating a file signing certificate with OVAL rules
September 13, 2022
ID 231191
This Help provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
To create a file signing certificate with OVAL rules:
- On the device, run a command line interpreter (for example, Command Prompt
cmd.exe
) with the permissions of the local administrator. - Using the
cd
command, navigate to the folder where the ovaldbmgr.exe file is located.For example, you can type the following command
cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\Tools"
and press Enter. - Depending on the location of the certificate, run one of the following commands and press Enter:
- To create a certificate and then place it the
System Storage Local Machine:
ovaldbmgr.exe --signer=make-cert --subject=<
certificate name>
- To create a certificate and then place it in the PFX container:
ovaldbmgr.exe --signer=make-cert --subject=<
certificate_name> --export --pwd=<
password_for_accessing_the_PFX_container
> --pfx=<full_path_and_the_file_name_of_the_PFX_container
>
If the certificate is created successfully, the thumbprint of the new certificate is returned in the command line.
- To create a certificate and then place it the