Installing Authenticode signature prior to Seagull Driver installation
Overview
Windows security will prevent users from installing drivers silently or allowing users to connect to package-aware drivers across the network. Install the Authenticode signature for Seagull Scientific printer drivers to deem them "trusted software" on your network.
Package-aware printer drivers
7.4.3 driver release and later
A client machine will not be able to connect to a networked printer using a package-aware driver until the Authenticode signature has been installed. Follow the instructions below to install the Authenticode signature on each client, or add it to a group policy.
In response to Microsoft Windows security rollout MS16-087, Seagull drivers are now Package-Aware starting with the 7.4.3 driver release. Being package-aware enables users to connect to networked printers without administrator credentials - provided Seagull Scientific has been deemed a “trusted” software publisher on the client machine.
Instructions
Extract the driver package
- Download the latest Seagull drivers from our website
- Extract the driver files to the c:\Seagull folder
- Run the DriverWizard.exe tool to remove previously installed printer drivers, if needed.
Extracting the certificate
An IT admin will need to extract the Seagull Certificate file from the catalog file (actually, any driver .dll or .exe can be used).
- Locate the catalog file, it can be found with the rest of the driver files and has the .cat extension
- Right click on the cat file and click on Open
- Click on View Signature button at the bottom of the dialog
- Click on View Certificate button
- On the next dialog, click on the Details tab at the top
- Click on the Copy to file button at the bottom
- Step through the export wizard. You will need to provide a location and file name for the certificate, but the rest of the settings shouldn't need to be changed.
- A reboot may be needed at this point
Importing the certificate
You can add the certificate to a single workstation, or add it to a domain group policy.
- Download the 'DigiCert Trusted Root G4' CRT file from the following website,
https://www.digicert.com/kb/digicert-root-certificates.htm - On the machine double-click the certificate. Note that the window will show this certificate as 'not trusted'. This will change after the certificate has been properly installed.
- Click the 'Install Certificate' button.
- When asked where to place the certificate, manually choose 'Trusted Root Certification Authorities'.
- Complete the wizard.
- Close the window and re-open again by double-clicking the certificate file. If it was installed correctly the window should no longer show the certificate as untrusted.
Adding certificate to single workstation:
- Browse to the location of the extracted driver files (default is C:\Seagull)
- Open .cat file in the driver installation files folder
- Click "View Signature"
- Click "View Certificate"
- Click "Install Certificate"
- Use the Wizard to install the certificate
- When asked where to place the certificate, manually choose 'Trusted Root Certification Authorities'.
Adding certificate To domain group policy:
- Open the Group Policy Management application. Start > Administrative Tools > Group Policy Management
- Locate and right click on the domain group policy, click on Edit
- Select Computer Configuration > Policy > Windows Settings > Security Settings > Public Key Policies
- Right click on the Trusted Publishers and click on Import
- Step through the import wizard, provide the location and name of the certificate when asked then finish out the wizard. Other than the file, no other settings should need to be changed.
Install the driver using Seagull Driver Wizard
You may now connect to package-aware drivers across your network or install the drivers silently without security prompts blocking them.