MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-12-26 23:25:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

docs - adding help info https://github.com/Ylianst/MeshCentral/issues/4190

Browse Source
This commit is contained in:
silversword411 2022-06-30 00:41:23 -04:00
parent 21939e8213
commit 01a385d272
No known key found for this signature in database
GPG Key ID: CF805301BBB8CC0C
1 changed files with 57 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
docs/docs/meshcentral/codesigning.md
View File

@ -6,6 +6,63 @@ Nodejs Code Signing module
<iframe width="320" height="180" src="https://www.youtube.com/embed/xteKscs_Jgo" frameborder="0" allowfullscreen></iframe> <iframe width="320" height="180" src="https://www.youtube.com/embed/xteKscs_Jgo" frameborder="0" allowfullscreen></iframe>
</div> </div>
MeshCentral comes with authenticode.js, you can run it like this:
```bash
node node_modules/meshcentral/authenticode-js
```
and you will get
```
MeshCentral Authenticode Tool.
Usage:
node authenticode.js [command] [options]
Commands:
info: Show information about an executable.
--exe [file] Required executable to view information.
--json Show information in JSON format.
sign: Sign an executable.
--exe [file] Required executable to sign.
--out [file] Resulting signed executable.
--pem [pemfile] Certificate & private key to sign the executable with.
--desc [description] Description string to embbed into signature.
--url [url] URL to embbed into signature.
--hash [method] Default is SHA384, possible value: MD5, SHA224, SHA256, SHA384 or SHA512.
--time [url] The time signing server URL.
--proxy [url] The HTTP proxy to use to contact the time signing server, must start with http://
unsign: Remove the signature from the executable.
--exe [file] Required executable to un-sign.
--out [file] Resulting executable with signature removed.
createcert: Create a code signging self-signed certificate and key.
--out [pemfile] Required certificate file to create.
--cn [value] Required certificate common name.
--country [value] Certificate country name.
--state [value] Certificate state name.
--locality [value] Certificate locality name.
--org [value] Certificate organization name.
--ou [value] Certificate organization unit name.
--serial [value] Certificate serial number.
timestamp: Add a signed timestamp to an already signed executable.
--exe [file] Required executable to sign.
--out [file] Resulting signed executable.
--time [url] The time signing server URL.
--proxy [url] The HTTP proxy to use to contact the time signing server, must start with http://
Note that certificate PEM files must first have the signing certificate,
followed by all certificates that form the trust chain.
When doing sign/unsign, you can also change resource properties of the generated file.
--filedescription [value]
--fileversion [value]
--internalname [value]
--legalcopyright [value]
--originalfilename [value]
--productname [value]
--productversion [value]
```
## Automatic Agent Code Signing ## Automatic Agent Code Signing
If you want to self-sign the mesh agent so you can whitelist the software in your AV, and lock it to your server and organization. If you want to self-sign the mesh agent so you can whitelist the software in your AV, and lock it to your server and organization.