BC Vault Daemon is used for BC Vault support in your Web Browser (Firefox, IE, EDGE, Chrome...) and is browser agnostic.
It is installed as a startup process (if selected - by default) from v1.2.1 on. Before it was not scheduled for automatic startup in operating system (Windows, OS X).
Process name is "bcdaemon" and it listens on TCP port 1991 on localhost (127.0.0.1), thus it is not visible from anywhere else, but from your computer.
You can START/STOP bcdaemon from inside of the BC Vault Application under Settings/Application Setting:
If you want to prevent bcdaemon to autostart with start of your operating system follow instructions below:
a) MS WINDOWS
1) Open Task Manager
2) Select "Startup" Tag
3) Right Click on "bcdaemon.exe" and select "Disable"
b) MAC OS X
Remove file "/Library/LaunchAgents/com.real-sec.bcdaemon.plist".
1) Open "Terminal"
2) Execute command "sudo rm /Library/LaunchAgents/com.real-sec.bcdaemon.plist" (without quotes) and enter your password.
The BC Vault Daemon uses a self signed certificate, signed by a CA (Certificate Authority) generated on your machine (as of v1.3.7) to be able to communicate with your browser over the HTTPS protocol. The private key for the self signed CA on your computer is deleted after generation, so no further certificates can be issued. This certificate has to be trusted by your computer, so you do not get browser warnings, thus the CA and/or certificate is added to your certificate store (depending on the operating system you are using). If you opt not to install the BC Vault daemon during installation, no certificates will be generated.
You might have to add the certificate or certificate authority to a particular browser if the browser is using it's own certificate store (as for example Firefox). It is also necessary to add it to any browser in Linux, as Linux is not using central CA.
Following the the login browser window presented by BC Vault Daemon:
This is the certificate detail of the BC Vault Daemon Browser window running on https://localhost port 1991:
localhost.crt - Self Signed certificate for "localhost"
localhost.key - Private key for certificate for "localhost"
rootCA.crt - Self Signed certificate for CA that signed localhost.crt
Directories of certificate files:
|Operating system||Directory||Trust added|
|MS Windows||"%PROGRAMDATA%/REAL security/BCVault/"||Self Signed CA certificate named "BCVaultCA_localhost" is added to Certificate Store "Third-Party Root Certification Authorities".|
|Mac OS X||"/Library/Application Support/REAL security/BCVault/"||Self Signed host certificate named "BCVault-localhost" for DNS name "localhost" is added to System Keychain.|
|Linux||"/opt/BCVault/"||Linux does not have central CA store, so nothing is added automatically.|