Match Using Certificates

To select applications using this method, do the following tasks:



Select types of certificates to match.

Select one of the following:

  • Select Trusted (current) to match trusted, unexpired certificates.

  • Select Trusted (current) | Trusted (expired) to match certificates trusted at any time.

  • Select Trusted (expired) | Untrusted to match trusted but expired or untrusted certificates.

  • Select Untrusted to match certificates that were never trusted.

  • Select Any: Trusted (current) | Trusted (expired) | Untrusted to match any certificates.

Match issuers and subjects.

Use dynamic search to match certificate issuers and subjects.

Figure 1. Dynamic Search

See About Certificate Issuers and Subjects and Using Dynamic Search.

Display list of matching applications.

Click Show Matches.

Hide list of matching applications.

Click Hide Matches.

About Certificate Issuers and Subjects

Certificate information can be for issuers or subjects. Use this information to create policies based on certificates.

Table 1. Certificate Information Labels


Issuer Field Labels

Subject Field Labels

Country (C)

Issuer Country (C)

Subject Country (C)

Location (L)

Issuer Locality (L)

Subject Locality (L)

Common Name (CN)

Issuer Name (CN)

Subject Name (CN)

Organization (O)

Issuer Organization (O)

Subject Organization (O)

State (ST)


Windows abbreviates this information as (S).

Issuer State or Province (ST)

Subject State or Province (ST)

Organizational Unit (OU)

Issuer Unit (OU)

Subject Unit (OU)

Locating Certificate Information Using Windows

  1. Locate the application and then view the certificate details.
    1. Right-click on the application and then select Properties.

      The Properties window appears.

    2. Go to Digital Signatures. Under Signature list, select a signature and then click Details.

      The Digital Signature Details screen appears.

    3. Click View Certificate.

      The Certificate window appears.

    4. Go to Details and then click Subject or Issuer.
    5. View the certificate details.
  2. Close windows opened by the procedure.
    1. In the Certificate window, click OK to close the window.
    2. In the Digital Signature Details window, click OK to close the window.
    3. In the Properties window, click Cancel to close the window.