PDFCreator Server: The distribution of PDFCreator printer drivers to clients

Microsoft has been trying to secure the Windows printer service against vulnerabilities since 2021. However, the resulting patch (also known as "the nightmare patch") causes problems when clients want to connect to a PDFCreator network printer (or to network printers from other manufacturers). Depending on the operating system, this leads to different error messages when connecting.

In order to install the PDFCreator printer drivers, it is necessary to pre-distribute the pdfforge certificate on these client computers.

After installing PDFCreator Server, the certificate can be exported on the server.

To do this, proceed as follows:

  1. Start the certificate manager from the control panel (certmgr.msc).
  2. Navigate to Trusted Publishers → Certificates.
  3. Right-click on the pdfforge certificate, then select "All Tasks".
  4. Then select "Export".
  5. Click Next and export the certificate in the DER format.

Once these steps have been completed, you will have various options for importing the certificate on the client computer:

  1. With the help of a group policy. Microsoft describes how to proceed: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/distribute-certificates-to-client-computers-by-using-group-policy
  2. With a PowerShell command (in one line): Import-Certificate -FilePath .\pdfforge_certificate.cer -CertStoreLocation Cert:\LocalMachine\TrustedPublisher
  3. Via the command line: certutil.exe -addstore TrustedPublisher pdfforge_certificate.cer
  4. Via the certificate manager: The import is started by double-clicking on the certificate. The certificate can be checked again in this view. Then click on Install certificate, select Local Machine, then under Place all certificates in the following store → select Trusted Publishers, then click on Finish to confirm the import process.

 

Note: Time of signing is important if the certificate is about to expire. If the certificate was valid at the time the PDFCreator printer driver was signed, the printer drivers are also validly signed.
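
The PowerShell import from option 2 with a check in front of it, as an added example that is not part of the original article or pdfforge's own tooling: it imports the exported file only when its thumbprint matches the one read on the PDFCreator Server, and can report whether a signed driver file carries a timestamp, which is what the note above depends on. The script, its parameter names and the optional driver file path are assumptions; the expected thumbprint has to be supplied from the server.

```powershell
#Requires -RunAsAdministrator
# Added example (not pdfforge code): pin the exported certificate by thumbprint
# before adding it to Trusted Publishers on a client.
param(
    [string]$CertPath = '.\pdfforge_certificate.cer',    # file name used in the article
    [Parameter(Mandatory)]
    [string]$ExpectedThumbprint,                          # read on the PDFCreator Server
    [string]$DriverFile                                   # hypothetical: a signed file from the driver package
)
$ErrorActionPreference = 'Stop'
$store = 'Cert:\LocalMachine\TrustedPublisher'

# Thumbprints copied from the certificate dialog often contain spaces or
# invisible characters, so keep only the hex digits before comparing.
$expected = ($ExpectedThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
if ($expected.Length -ne 40) {
    throw 'Expected thumbprint must be 40 hex characters (SHA-1).'
}

$fullPath = (Resolve-Path $CertPath).Path
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullPath)

# Refuse to extend publisher trust to a file that is not the one exported on the server.
if ($cert.Thumbprint -ne $expected) {
    throw "Thumbprint mismatch: file has $($cert.Thumbprint). Not importing."
}
"Subject : $($cert.Subject)"
"Valid   : $($cert.NotBefore) to $($cert.NotAfter)"

# Idempotent import: skip when the certificate is already in the store.
if (Test-Path "$store\$($cert.Thumbprint)") {
    'Already present in Trusted Publishers, nothing to do.'
} else {
    Import-Certificate -FilePath $fullPath -CertStoreLocation $store | Out-Null
    'Imported into Trusted Publishers.'
}

# Optional: check a signed driver file against the imported certificate.
# A timestamp countersignature is what keeps the signature valid after
# the signing certificate itself has expired.
if ($DriverFile) {
    $sig = Get-AuthenticodeSignature -FilePath $DriverFile
    "Signature status : $($sig.Status)"
    "Signer matches   : $($sig.SignerCertificate.Thumbprint -eq $cert.Thumbprint)"
    "Timestamped      : $($null -ne $sig.TimeStamperCertificate)"
}
```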