BLUECOAT – Remove Bluecoat Security Certificate
Above is an excellent blog article that describes how to revoke the Bluecoat Security Certificate, since it’s been trusted by Symantec (bad business move there guys).
Here we go:
So, there was this tweet that got passed around the security community pretty quickly:
BlueCoat now has a CA signed by Symantec https://t.co/8OXmtpT6eX
— Filippo Valsorda (@FiloSottile) May 26, 2016
Kind of confusing and scary if you’re not quite sure what this all means – perhaps clear and scary if you do.
BlueCoat manufactures “man in the middle” devices – sometimes used by enterprises to scan and inspect / block outbound traffic across their network, and apparently also used by governments to scan and inspect traffic across the network.
The simple Windows way
As with most things on Windows, there’s multiple ways to do this. Here’s one, which can be followed either by regular users or administrators. It’s several steps, but it’s a logical progression, and will work for everyone.
Step 1. Download the certificate. Really, literally, follow the link to the certificate and click “Open”. It’ll pop up as follows:
Step 2. Install the certificate. Really, literally, click the button that says “Install Certificate…”. You’ll see this prompt asking you where to save it:
Step 3. If you’re a non-administrator, and just want to untrust this certificate for yourself, leave the Store Location set to “Current User”. If you want to set this for the machine as a whole, and you’re an administrator, select Local Machine, like this:
Step 4: Click Next, to be asked where you’re putting the certificate:
Step 5: Select “Place all certificates in the following store”:
Step 6: Click the “Browse…” button to be given choices of where to place this certificate:
Step 7: Don’t select “Personal”, because that will explicitly trust the certificate. Scroll down and you’ll see “Untrusted Certificates”. Select that and hit OK:
Step 8: You’re shown the store you plan to install into:
Step 9: Click “Next” – and you’ll get a final confirmation option. Read the screen and make sure you really want to do what’s being offered – it’s reversible, but check that you didn’t accidentally install the certificate somewhere wrong. The only place this certificate should go to become untrusted is in the Untrusted Certificates store:
Step 10: Once you’re sure you have it right, click “Finish”. You’ll be congratulated with this prompt:
Step 11: Verification. Hit OK on the “import was successful” box. If you still have the Certificate open, close it. Now reopen it, from the link or from the certificate store, or if you downloaded the certificate, from there. It’ll look like this:
The certificate hasn’t actually been revoked, and you can open up the Untrusted Certificates store to remove this certificate so it’s trusted again if you find any difficulties.
There are other methods to do this – if you’re a regular admin user on Windows, I’ll tell you the quicker way is to open MMC.EXE, add the Certificates Snap-in, select to manage either the Local Computer or Current User, navigate to the Untrusted Certificates store and Import the certificate there. For wide scale deployment, there are group policy ways to do this, too.
The blog details how to disable certs in MAC as well as Windows.
Use the search next to the start button
mmc.exe > add snapin > certificates > local computer > untrusted certificates > import certificate.