App Control: How To Export the App Control Agent Communication Certificate
search cancel

App Control: How To Export the App Control Agent Communication Certificate

book

Article ID: 286500

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

To export the certificate used for Agent/Server Communication. This is shown in the Console > System Configuration > Security > Current Server Certificate.

Environment

  • App Control Console: All Supported Versions
  • Microsoft Windows: All Supported Versions

Resolution

Locating The Relevant Certificate For Export:
  1. Log in to the App Control Console and navigate to the gear icon > System Configuration > Security.
  2. Take note of the Current Server Certificate Details (Common Name, Expiration Date, Thumbprint)
  3. Log in to the application server hosting the Console as the Carbon Black Service Account.
  4. Click Start > Run > certlm.msc > OK.
  5. In the left-hand pane expand: Trusted People > Certificates.
  6. Right click the relevant Certificate in the right-hand pane and choose: All Tasks > Export.

Exporting For Console Backup or IIS Import:
  1. When prompted choose: "Yes, export the private key" then click Next.
  2. Check the options:
    • Include all certificates in the certification path if possible.
    • Export all extended properties.
    • Enable certificate privacy.
  3. Check the box to enable and specify a Password.
  4. Determine the location to save the exported Certificate.
Exporting For Endpoints or Trusted Communication Certificate Import:
  1. When prompted choose: "No, do not export the private key" then click Next.
  2. Choose "DERĀ encoded binary X.509 (.CER)".
  3. Determine the location to save the exported Certificate.