Bitdefender has activated a new web content control module in the Endpoint Security app, which now results in the end user having to approve a system extension.
I have tried to add the below approved system extensions in a config profile, but they still show up. What else can I do?
Hi Kamal. Great work there. I did indeed notice that generating the .pfx file was missing in their steps. But it's sloppy work still. I've also created a package deploying the cert to /Library/DeployCert, but nothing around why we do that?
Mine still doesnt work. I get the SSL warning in BitDefender. The cert is in my Keychain and trusted, but Bitdefender doesn't seem to know how to use it. It tried including it in my Content filer profile and selecting it for use there, but that didn't work either. PPPCs and Sys Extension are working, just missing the SSL. Did you create a separate config for it and do we reference the /Library/DeployCert anywhere else?
All the best, Ulrik
When enforcing the cert via Configuration Profile, did you check the box to allow all apps to use the cert?
I am guessing, that Endpoint Security app will look for /Library/DeployCert as part of its installation instructions in the XML file with the installer. So make sure you deploy the pfx first and be sure the permissions are set correctly in composer.
Hi Greatkemo, yes I did allow all apps to access and I did check that all permissions were correct. I haven't tried reinstalling everything. With the Bitdefender Cert it just registers when you add or remove, so didn't think to try from the begenning, will try that. 👍🏼
Hi Hung_cheng. Well, I have one deployment where this worked as expected. I did everything as described and the cert I had generated in Terminal pushed out fine and was used in stead of the Bitdefender one.
But with another customer, it just won’t work. I don’t have access to this other customers bitdefender portal, so I could only check the xml files and as far as I can tell, the Only major difference is that the one that doesnt work, seems to be pulling something from a local address (172.X.X.X) I don’t know it that applies for you?