Tranquil IT Forum

Published: **November 25, 2024 - 09:23**

Hello,

I'm using the BitLocker Audit package to ensure all workstations are properly encrypted with BitLocker, even though Windows now does this automatically.
However, every time I update the package from the Microsoft Store, I "lose" my encryption key.

Could you include in the script a way to automatically encrypt using the key located in the directory c:\program files (x86)\Wapt\ssl?

Our installation is basic, but we only have one certificate in this directory, so we shouldn't have any surprises.

Thank you and have a good day.

Published: **November 25, 2024 - 3:19 PM**

Good morning,

Did you modify the package? tis-audit-bitlocker and add your SSL certificate to the list decrypt_cert_list

Lines 71 to 73 of the packet:

Code: Select all

target_encryption_method = 7
allow_swap_encryption_method = False  # Not implemented yet
decrypt_cert_list = [] # <- here the name of ssl cert allowed to decrypt

Flavien,

Published: **November 25, 2024 - 4:45 PM**

Thank you for your reply.
Yes, I did that, but every time the package is updated at WAPT, I have to edit it again.

I thought that for most users, it would be enough to point to c:\program files (x86)\wapt\ssl and get the server certificate available on their machine.

Published: **November 26, 2024 - 11:30 AM**

Hello,

I've reworked the package so that it now accepts, by default, all certificates present in the WAPT SSL folder on the machine, provided they are Code Signing.

The package is available in PREPROD here.

Flavien,

Tranquil IT Forum

BitLocker Audit Package - Request for SSL Modification

BitLocker Audit Package - Request for SSL Modification

Re: BitLocker Audit Package - Request for SSL Modification

Re: BitLocker Audit Package - Request for SSL Modification

Re: BitLocker Audit Package - Request for SSL Modification