Help

New system extensions for Bitdefender

samuellarsson
New Contributor III

Posted on ‎01-14-2021 07:14 AM

Hi,

Bitdefender has activated a new web content control module in the Endpoint Security app, which now results in the end user having to approve a system extension.
6b42e3c30505441eab1e659278888a7f

I have tried to add the below approved system extensions in a config profile, but they still show up. What else can I do?
9fba3e8b66b3436c96f78fcee6b02df5
26a12bf75dad4641bf1f8aed8e852c70

0 Kudos
47 REPLIES 47

greatkemo
Contributor II
In response to BlackTiger

Posted on ‎09-18-2023 05:43 AM

@BlackTiger 

Not quite...

  1. Do not make the downloader app to your package.  
  2. Package JUST the certificate you created in /Library/DeployCert.
  3. Add the package to your policy.
  4. Add the script to your policy to run AFTER, and fill $4 and $5.
  5. Ensure your configuration profile is installed on the device before you push the policy.
0 Kudos

ulrik_hansen
New Contributor

Posted on ‎05-24-2022 03:03 AM

Hi Kamal. Great work there. I did indeed notice that generating the .pfx file was missing in their steps. But it's sloppy work still. I've also created a package deploying the cert to /Library/DeployCert, but nothing around why we do that?

Mine still doesnt work. I get the SSL warning in BitDefender. The cert is in my Keychain and trusted, but Bitdefender doesn't seem to know how to use it. It tried including it in my Content filer profile and selecting it for use there, but that didn't work either. PPPCs and Sys Extension are working, just missing the SSL. Did you create a separate config for it and do we reference the /Library/DeployCert anywhere else?

All the best, Ulrik 

0 Kudos

greatkemo
Contributor II
In response to ulrik_hansen

Posted on ‎05-24-2022 03:24 AM

Hi Ulrik,

When enforcing the cert via Configuration Profile, did you check the box to allow all apps to use the cert?

I am guessing, that Endpoint Security app will look for /Library/DeployCert as part of its installation instructions in the XML file with the installer.  So make sure you deploy the pfx first and be sure the permissions are set correctly in composer.

Kamal

0 Kudos

ulrik_hansen
New Contributor

Posted on ‎05-25-2022 04:20 AM

Hi Greatkemo, yes I did allow all apps to access and I did check that all permissions were correct. I haven't tried reinstalling everything. With the Bitdefender Cert it just registers when you add or remove, so didn't think to try from the begenning, will try that. 👍🏼 

 

0 Kudos

hung_cheng
New Contributor

Posted on ‎07-05-2022 07:36 PM

Hi all,

Any update on the SSL warning in BitDefender? I'm still stuck at this part.Screenshot 2022-07-06 at 10.35.29 AM.png

0 Kudos

ulrik_hansen
New Contributor
In response to hung_cheng

Posted on ‎07-05-2022 11:47 PM

Hi Hung_cheng. Well, I have one deployment where this worked as expected. I did everything as described and the cert I had generated in Terminal pushed out fine and was used in stead of the Bitdefender one. 
But with another customer, it just won’t work. I don’t have access to this other customers bitdefender portal, so I could only check the xml files and as far as I can tell, the Only major difference is that the one that doesnt work, seems to be pulling something from a local address (172.X.X.X) I don’t know it that applies for you?

0 Kudos

hung_cheng
New Contributor

Posted on ‎07-06-2022 03:07 AM

I tried following SSL certificate deployment through Jamf Pro steps to deploy the SSL certificate, but still no luck on this. Seems the SSL certificate has different serial number on different users. 

0 Kudos

Sbrother
New Contributor

Posted on ‎12-09-2022 06:28 AM

I've same issu with ssl certificat if we active the traffic scan ssl network... like this case https://macadmins.slack.com/archives/C0C4X3G3W/p1660243674574319

 

Any idea ?

0 Kudos