• How to use Windows Server to Create App Control Code Signing Certificate
• Introduction
• TL;DR (Short version)
• Prerequisites
• Windows Server VM setup
• Rename the server
• Using GUI: Install Active Directory Domain Services
• Using PowerShell: Install Active Directory Domain Services
• Using GUI: Install Active Directory Certification Service and set up an Enterprise root CA (Certificate Authority)
• Using PowerShell: Install Active Directory Certification Services and set up an Enterprise root CA
• Configure the Validity period of the issued certificates on the server
• Follow the official guide to create certificate template and generate the signing certificate
• Additional steps to perform on Windows Server
• Steps to perform on Client VM
• Create a Signed App Control policy
• Use AppControl Manager to sign and deploy App Control policies
• Extras
• How to interact with the hidden EFI partition
• How to find the FQDN (Fully Qualified Domain Name) of the Windows Server
• Resources