Cb Protection: How to Recover From Accidentally Enabling Certificate Verification
Article ID: 285554
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
How to get agents reconnected after accidentally enabling Certificate Verification in the Cb Protection console when only using a self-signed certificate.
Environment
Cb Protection Server: All Versions
Microsoft Windows: All Versions
Self-signed certificate on Cb Protection Console
Resolution
1. Purchase/Create a CA-signed certificate with the appropriate Subject name and Subject Alternative Names for the Cb Protection Server.
2. Install the new CA-signed certificate on the Cb Protection Server using the instructions from the Cb Protection Using Guide.
3. Import the Root CA certificate for the new CA-signed certificate on all agent endpoints:
   a. Go to Windows Start, click Run.
   b. Type MMC.
   c. Click OK.
   d. On the Microsoft Management Console (mmc) window, go to the File menu.
   e. Click on 'Add/Remove Snap-In'.
   f. Select Certificates.
   g. Click on Computer Accounts.
   h. Click on 'Local Computer'.
   i. Click Finish.
   j. Expand 'Certificates (Local Computer)'.
   k. Expand 'Trusted Root Certification Authorities'.
   l. Right-click on the sub-folder 'Certificates' and click on Import.
   m. Import the Root CA certificate from Step 1.
Once this is completed on all agent endpoints, they should re-register and show connected on the Cb Protection Console.
Additional Information
You can validate the Subject Name and SANs on the existing self-signed certificate before purchasing/creating a new CA-signed certificate.
You can ask the certificate vendor for the Root CA certificate, so you can authorize all the endpoints you need connected.
Use a web browser to get the certificate. Access a web page on the server with HTTPS. Then use the web browser options to export the certificate to a .cer file.
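A scripted equivalent of the Root CA import in Step 3, combined with the Subject/SAN check mentioned under Additional Information. This is an added example, not part of the original article or vendor tooling. The file path, server name, port 443 and the thumbprint are placeholders or assumptions; run it from an elevated PowerShell 5.1+ session.

```powershell
# Added example: paths, names and the thumbprint are placeholders, not values from the article.
param(
    [string]$RootCaPath         = 'C:\Temp\RootCA.cer',          # placeholder path
    [string]$ExpectedThumbprint = '<ROOT-CA-THUMBPRINT>',        # obtained out of band from the CA
    [string]$ServerName         = 'cbprotection.example.local',  # placeholder server FQDN
    [int]$Port                  = 443                            # assumption: console HTTPS port
)

# 1. Refuse to trust a root whose thumbprint differs from the one the CA published.
$root = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($RootCaPath)
if ($root.Thumbprint -ne ($ExpectedThumbprint -replace '\s', '').ToUpper()) {
    throw "Thumbprint mismatch for $RootCaPath ($($root.Thumbprint)); not importing."
}

# 2. Import into 'Trusted Root Certification Authorities' (Local Computer) if absent.
if (-not (Test-Path "Cert:\LocalMachine\Root\$($root.Thumbprint)")) {
    Import-Certificate -FilePath $RootCaPath -CertStoreLocation Cert:\LocalMachine\Root | Out-Null
}

# 3. Fetch the certificate the server presents. The callback accepts anything
#    only so the certificate can be inspected explicitly in steps 4 and 5.
$tcp = [System.Net.Sockets.TcpClient]::new($ServerName, $Port)
try {
    $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, { $true })
    $ssl.AuthenticateAsClient($ServerName)
    $serverCert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
} finally { $tcp.Dispose() }

# 4. The chain must build to a trusted root, and that root must be the one imported above.
$chain     = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$chainOk   = $chain.Build($serverCert)
$chainRoot = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate

# 5. The server name must appear in the Subject Alternative Name extension (OID 2.5.29.17).
#    This is a plain substring check; wildcard SAN entries are not expanded.
$sanExt  = $serverCert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
$sanText = if ($sanExt) { $sanExt.Format($false) } else { '' }

[pscustomobject]@{
    Subject      = $serverCert.Subject
    SAN          = $sanText
    ChainTrusted = $chainOk
    RootMatches  = ($chainRoot.Thumbprint -eq $root.Thumbprint)
    SanHasServer = ($sanText -match [regex]::Escape($ServerName))
    ChainStatus  = ($chain.ChainStatus.Status -join ', ')
}
```

If ChainTrusted is False on an endpoint without internet access, check ChainStatus: the default chain policy attempts an online revocation check, which reports RevocationStatusUnknown when the CRL cannot be reached.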