Approving an exception

The station verifies the signature on each program object to ensure that the certificate chain is trusted. If the root CA certificate used to sign the code-signing certificate is in the station’s User Trust Store, the code runs without further intervention. If the code signing-certificate is self-signed, or the root CA certificate is missing, the station reports an error, after which you may approve an exception.

Your program object has been signed by a self-signed code-signing certificate, or the code-signing certificate is not trusted.
  1. The signed program runs at least once.
    The system displays an error message and adds the certificate to the station’s User Trust Store.

    The red shield with the white X in the Certificate Management view, User Trust Store tab, indicates the untrustworthy condition of the code-signing certificate.
  2. If you know that the certificate is safe, approve an exception by clicking the Approve button.
This exception is similar to accepting the self-signed certificate when you initially log in to a platform or station. The ability to approve this exception is provided for convenience. Your system is much more secure when you follow the recommended practice of signing code-signing certificates with the private key of your company’s or a third party’s root CA certificate, which is in the station’s User Trust Store.