Installing Authenticode signature prior to Seagull Driver installation Follow

Avatar
Kai Kohler

Overview

Windows security will prevent users from installing drivers silently or allowing users to connect to package-aware drivers across the network.  Install the Authenticode signature for Seagull Scientific printer drivers to deem them "trusted software" on your network.

 

Package-aware printer drivers

7.4.3 driver release and later

A client machine will not be able to connect to a networked printer using a package-aware driver until the Authenticode signature has been installed.  Follow the instructions below to install the Authenticode signature on each client, or add it to a group policy.

In response to Microsoft Windows security rollout MS16-087, Seagull drivers are now Package-Aware starting with the 7.4.3 driver release.  Being package-aware enables users to connect to networked printers without administrator credentials - provided Seagull Scientific has been deemed a  “trusted” software publisher on the client machine.  

 

Instructions

These steps are specific to Windows 2008 R2 64-bit operating system. The concept remains the same for other Windows versions, but the steps may vary slightly.

Remove the already installed printer drivers

  1. Download the latest Seagull drivers from our website
  2. Extract the driver files to the c:\Seagull folder
  3. Run the DriverWizard.exe tool
  4. Remove the already installed printer drivers

 

Extracting the certificate

An IT admin will need to extract the Seagull Certificate file from the catalog file (actually, any driver .dll or .exe can be used).

  1. Locate the catalog file, it can be found with the rest of the driver files and has the .cat extension
  2. Right click on the cat file and click on Open
  3. Click on View Signature button at the bottom of the dialog
  4. Click on View Certificate button
  5. On the next dialog, click on the Details tab at the top
  6. Click on the Copy to file button at the bottom
  7. Step through the export wizard.  You will need to provide a location and file name for the certificate, but the rest of the settings shouldn't need to be changed.
  8. A reboot may be needed at this point

 

Importing the certificate

You can add the certificate to a single workstation, or add it to a domain group policy.

Adding certificate to single workstation:

  1. Browse to the location of the extracted driver files (default is C:\Seagull)
  2. Open .cat file in the driver installation files folder
  3. Click "View Signature"
  4. Click "View Certificate"
  5. Click "Install Certificate"
  6. Use the Wizard to install the certificate

Adding certificate To domain group policy:

  1. Open the Group Policy Management application. Start Administrative Tools Group Policy Management
  2. Locate and right click on the domain group policy, click on Edit
  3. Select Computer Configuration Policy Windows Settings Security Settings Public Key Policies
  4. Right click on the Trusted Publishers and click on Import
  5. Step through the import wizard, provide the location and name of the certificate when asked then finish out the wizard. Other than the file, no other settings should need to be changed.

 

Install the driver using Seagull Driver Wizard

You may now connect to package-aware drivers across your network or install the drivers silently without security prompts blocking them.

 

 

4 comments

0
Avatar
Ivan Afonin
Comment actions Permalink

Hello, this article works with Windows Server 2012 but in Windows Server 2008 I still get security window with confirmation the driver installation:

I use the same script on both OSes:

C:\Users\svc_robot_992369\Desktop\Seagull\2021.1\DriverWizard.exe install /name:"Intermec PD43" /model:"Intermec PD43 (203 dpi) - DP" /share:"Intermec_PD43" /port:"10.77.46.17"

Are any nuances for Windows Server 2008?

Thank you!

0
Avatar
Shmuel Alon
Comment actions Permalink

I downloaded the most up-to-date package.
The certificate is valid until 08/03/2021 ..
This is the Day!
Please update the certificate so I do not have problems in the organization.
Thank you.

1
Avatar
Max Chen
Comment actions Permalink

I am meeting the same issue with the inside certificate.

Have tried to download a few different drivers from sealgull official sites, and all go with the same certificate which is valid to 08/03/2021.

Could someone do something to this issue please?

 

Thank you.

0
Avatar
Shmuel Alon
Comment actions Permalink

Hi Max,
This the answer I got from seagull support:

Hello Shmuel,

Thank you for providing the requested information.

The Authenticode Signature needs to be valid when the driver is released, not installed.

"Time stamping allows Authenticode signatures to be verifiable even after the certificates used for signature have expired.
Seagull Scientific applies a time stamp during the signing process within the validity period of the certificate, which means that the time-stamped package remains valid indefinitely."

I hope that answers your question.

Please sign in to leave a comment.