Views:
  • Checking the purpose of certificate
    1. Verify both the module sign of "a DSA module" and "an AMSP module".
      • For Deep Security Agent (DSA) module, choose "dsa.exe" in DSA folder.
      • For Anti-Malware Solution Platform (AMSP), choose "coreServiceShell.exe" in AMSP folder.
    2. Find the file, right click and select Properties.
    3. Chose the Digital Signatures Tab in the pop up window, and click Details.
    4. Check the certificate state (included counter-sign and main-sign). All the results in this page should be correct.
       
      It is important to click all 3 items in the "certification path" (1,2 and 3 in the screenshot), as it is possible that one of them contains an error result.

      Module state

       
    5. If there is an error (as shown below), it indicates that the purpose of certificate may be disabled.

      Module state

  • Enabling related purpose (if disabled)
    1. Open Windows command line and enter certmgr to launch the certificate manager.
    2. Navigate to Trusted Root Certification Authorities > Certificates, and find the target certificate.
    3. Right click and select Properties.

      Module state

    4. Enable the certificate purpose.

      Module state