Product Documentation

To sign a profile

Dec 17, 2015

Application streaming to desktops can use digital signatures to authenticate the origin and integrity of profiles signed by a trusted publisher. The signed profile applies to all applications and files contained in the profile. Applications from signed profiles are checked by user devices that have a trust list installed and can authenticate the code-signed certificate against the trust list. When signing is enabled, the user device checks the integrity of each file as it is cached.

After you install and configure your code-signing certificates, sign profiles through the New Profile, New Target, and Update Target wizards. To view or modify the signature settings for the profile, from the Tools menu, select Sign Profile.

To sign a profile, you need a code-signing certificate on the profiler workstation and a Certificate Trust List certificate for certificate verification on the user device. Also, you must know the password for the certificate you are using to sign.

  • To sign the profile using a certificate residing on the drive, choose Sign using key from selectable file and browse and select your certificate file
  • To sign the profile using the code-signing certificate installed on your profiler workstation, choose Sign using locally installed certificate

Signing a linked profile created for inter-isolation communication does not sign the individual profiles automatically. Instead, each linked profile must be signed separately.

Remove a signature from a signed profile at any time by opening the profile, and from the Tools menu, select Unsign Profile.

Additionally, to set a default signature setting for profiles and skip this page in future profiling, you can set a preference to disable or enable profile signing.