Enable Manual Signatures
This section describes how to enable manual signatures and how to Share Unsigned and Signed .cab Files.
To enable manual signatures:
| 1. | Connect a daemon to your Software Vulnerability Research account by going to Settings > Assessment > Update Servers & Daemon. |
| 2. | Select a daemon. |
| 3. | Click the More Info action. In the pop-up, you will see a summary of the current state: the label Digital signatures: Automatic and the button Sign packages manually. |
| 4. | Toggle the Sign packages manually button to create the desired state: the label Digital signatures: Manual and the button Sign packages automatically. |
Note:The daemon will continue to process requests from the Software Vulnerability Research server while waiting for the signed .cab file, regardless how long it takes. However, if a new agent is released during this window, the process will deploy the older version of the agent.
Note:Enabling manual digital signatures changes the behavior of two Software Vulnerability Research patching processes: Deploy the Agent for a Manual Signature and Deploy a Patch Package for a Manual Signature. Both processes now require a manual step to sign a .cab file before it can be deployed to WSUS. Reverting to automatic digital signatures results in future packages being signed with the certificate that WSUS is configured to use, just like occurred before the introduction of manual signature support. In all cases, the signature that is applied to a .cab file must be trusted by downstream machines, or updates will not be applied.