The Certificate Details page includes a Certificate Type field, which has a value for leaf certificates only.
Certificate type indicates what the leaf certificate is being used for and how it is associated with a file. The type is a combination of the following terms:
- Embedded
- The digital signature for a file is embedded in a non-executable part of the file itself.
- Detached
- The file to be signed is hashed into a digest and the digital signature is applied to the digest and included in a separate catalog file, which can contain certificates for multiple files.
- Signer
- The certificate is the code-signing certificate for files it signs.
- Cosigner
- The certificate is a cosigner (also called “countersigner”) certificate for files it signs. Cosigner certificates are normally used for time stamping.
Each instance of a leaf certificate must be either embedded or detached, and it must be a signer or a cosigner, so the minimum number of descriptors in the Type field for any certificate is two. There could be more than two since the same certificate can be used in different ways and so can have different types. One certificate in the Certificates Table may display its Type as Embedded Detached Signer, for example, or some other combination of these terms.
Caution: Only certificates identified and used as the Signer for a file may be approved or banned. Cosigner certificates are not assigned a state by
Carbon Black App Control.
