Publishers

[MHaggis]

Summary

This PR merges 182 new code signing certificates from a community contribution (#121) and adds important safety warnings to entries containing certificates from major software vendors.

Changes

1. Certificate Data Merge

• Merged certificate data from lolrmm_tools_with_certs.json into existing YAML files
• Added 182 new certificates across 114 RMM tool entries
• No duplicates created - used certificate thumbprint as unique identifier

2. Safety Warnings (Issue #121)

Added explicit warnings to 8 YAML files containing Microsoft/Google certificates that are also used to sign legitimate, essential software:

• rdcman.yaml
• mousewithoutborders.yaml
• microsoft_tsc.yaml
• mstsc.yaml
• microsoft_rdp.yaml
• chrome_remote_desktop.yaml
• netviewer_(gotomeet).yaml
• crosstec_remote_control.yaml

Warning example:

IMPORTANT: This tool is signed with legitimate Microsoft Corporation certificates that are also used to sign numerous other Microsoft products and Windows components. Do NOT blindly block these certificate thumbprints as doing so will likely break essential Windows functionality. Use certificate data for detection, hunting, and analysis purposes only.

3. Schema Update

• Added src_file_path field to certificate schema
• Made src_file_sha256 nullable for consistency

Testing

• ✅ All YAML files pass validation (bin/validate.py)
• ✅ No duplicate certificates created
• ✅ Certificate merge script is idempotent (safe to run multiple times)

Files Changed

• 114 YAML files updated with new certificates
• 8 YAML files updated with safety warnings
• 1 schema file updated
• 1 new merge script added