SecureAPlus: Allow Microsoft Trusted Certificate List?

Status
Not open for further replies.

shmu26

Level 85
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Jul 3, 2015
8,131
I am trying to configure the SecureAPlus whitelisting settings, and one of the options is to allow anything on the Microsoft Trusted Certificate List to be trusted as an installer.
Is the Microsoft list safe, more or less?
 
  • Like
Reactions: _CyberGhosT_

jamescv7

Level 85
Verified
Helper
Mar 15, 2011
13,085
There are circumstances that Microsoft Trusted Certificate can be abused by intruders as meant of bypass which why the configuration is disabled by default as it can reduce the protection.

But still its only a 'circumstance', it can happen but not prevalent anywhere.
 
  • Like
Reactions: _CyberGhosT_

_CyberGhosT_

Level 53
Verified
Helper
Top poster
Content Creator
Well-known
Aug 2, 2015
4,301
IMHO if your not an advanced user I would leave that at the default.
The call is yours though.
PeAcE
 

shmu26

Level 85
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Jul 3, 2015
8,131
SAP support staff answered me that Microsoft Trusted Certificate List is the least restrictive of their 3 trust options.
I discovered that you can turn off trust altogether in SAP, and the result -- according to their support staff -- is that application will be trusted solely on the basis of hashes. This produces more prompts for user decisions, of course.
 
Status
Not open for further replies.