Reply to Message

View discussion in a popup

Replying to:
oliAH
Enthusiast
Enthusiast

I consider packaging an app with a certificate a very bad practice. Certificate(s) should be deployed with a GPO. It's easy, clean and a well-managed deployment.  (depending on the source certificate and your internal infrastructure, you may even use Autoenrollment)

If for some reason you need to package it with the app, it's possible and should be captured as a single package. But you'll have to modify the snapshot.ini file of ThinApp (file in the thinapp install folder) to be able to capture the certificate installation during the capture process. By default, ThinApp restricts certain locations from scans by reading the snapshot.ini exclusion file.

You'll have to remove or comment the following line(s) from the snapshot.ini depending if your capturing on a 32-bit or a 64-bit OS:

0015=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates

0105=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates

The snapshot.ini file says it but if you delete/comment a value make sure, there are no gaps in the numbers!

Note the previous lines were for a machine certificate installation. If your certificate is not captured even after this change, you may have other lines to remove to the snapshot.ini file but thre previous two lines should be enough for a machine certificate.

Olivier

Blog: http://oliah.net >> Twitter: @olivier_ahson
Reply
0 Kudos