Approving an exception
The station verifies the signature on each program object to ensure that the certificate chain is trusted. If the root CA
certificate used to sign the code-signing certificate is in the station’s User Trust Store, the code runs without further intervention. If the code signing-certificate is self-signed, or the root CA certificate is
missing, the station reports an error, after which you may approve an exception.
Prerequisites: Your program object has been signed by a self-signed code-signing certificate, or the code-signing certificate
is not trusted.
- The signed program runs at least once.The system displays an error message and adds the certificate to the station’s User Trust Store.The red shield with the white X in the Certificate Management view, User Trust Store tab, indicates the untrustworthy condition of the code-signing certificate.
- If you know that the certificate is safe, approve an exception by clicking the Approve button.
This exception is similar to accepting the self-signed certificate when you initially log in to a platform or station. The
ability to approve this exception is provided for convenience. Your system is much more secure when you follow the recommended
practice of signing code-signing certificates with the private key of your company’s or a third party’s root CA certificate,
which is in the station’s User Trust Store.