To export the certificate used for Agent/Server Communication. This is shown in the Console > System Configuration > Security > Current Server Certificate.
Environment
App Control Console: All Supported Versions
Microsoft Windows Server: All Supported Versions
Resolution
Locating The Relevant Certificate For Export:
Log in to the App Control Console and navigate to the gear icon > System Configuration > Security.
Take note of the Current Server Certificate Details (Common Name, Expiration Date, Thumbprint)
Log in to the application server hosting the Console as the Carbon Black Service Account.
Click Start > Run > certlm.msc > OK.
In the left-hand pane expand: Trusted People > Certificates.
Right click the relevant Certificate in the right-hand pane and choose: All Tasks > Export.
Exporting For Console Backup or IIS Import:
When prompted choose: "Yes, export the private key" then click Next.
Check the options:
Include all certificates in the certification path if possible.
Export all extended properties.
Enable certificate privacy.
Check the box to enable and specify a Password.
Determine the location to save the exported Certificate.
Exporting For Endpoints or Trusted Communication Certificate Import:
When prompted choose: "No, do not export the private key" then click Next.
Choose "DER encoded binary X.509 (.CER)".
Determine the location to save the exported Certificate.