After you configure and tested SecureLogin in an user environment, you can create a digital signing key that is embedded in the .exe file. You can distribute the file through a web download or email to the users. When users receive the file, they need to double-click the file to load to the local workstation. This updates the following configurations:
Preferences
Application definitions
Password rules
Credentials
This is collectively known as the SecureLogin configured user environment. This is designed for users of standalone SecureLogin (such as mobile users) and those who do not frequently connect to the corporate network.
When a digital signing key is created, the key pair is randomly generated by SecureLogin to increase security.
To create a digital signing key, perform the following steps:
Launch SLManager.
In the object field, specify your object name, then click OK.
Click Distribution.
Click Save.
Select the configurations you want to export.
Under Select File Protection, select Digitally signed and encrypted.
(Optional) Select Administrative data will overwrite user’s data without notification.
If you select this option, users are prompted before overwriting any data with the configuration settings saved in the .msi file.
IMPORTANT:Selecting this option results in the user data being overwritten with the configuration setting in the .msi file for any items that are present in both user’s local configuration and administrative configuration (.exe file).
For example, if a user has an application definition configured locally, and a predefined application definition is supplied in the .exe file, the .exe file application definition overwrites the user’s application definition without notification.
However, for example, if a user has configured a Hotmail application definition locally, and a predefined application is not supplied in the .msi file, the user’s Hotmail application definition is not changed.
Click Manage Keys.
Specify a name for the key in Generate Digital Signing Key.
Click Create > Close.
In Key List, select the newly created key.
Under Install, click Install Package.
Browse to locate the distribution file (.msi file) in which you want to embed the key.
Click Open. A confirmation message that the key is embedded in the .msi file is displayed.
Click OK.
You can now distribute and install the .msi file on the user’s machine. This allows them to import signs that are signed and encrypted.
After the keys are created, they must not be deleted because they are randomly generated. They key used must correspond to the key that is been previously packaged and with the distributed installer.