To export the certificate used for Agent/Server Communication. This is shown in the Console > System Configuration > Security > Current Server Certificate.

• App Control Console: All Supported Versions
• Microsoft Windows Server: All Supported Versions

1. Log in to the App Control Console and navigate to the gear icon > System Configuration > Security.
2. Take note of the Current Server Certificate Details (Common Name, Expiration Date, Thumbprint)
3. Log in to the application server hosting the Console as the Carbon Black Service Account.
4. Click Start > Run > certlm.msc > OK.
5. In the left-hand pane expand: Trusted People > Certificates.
6. Right click the relevant Certificate in the right-hand pane and choose: All Tasks > Export.

1. When prompted choose: "Yes, export the private key" then click Next.
2. Check the options:
   • Include all certificates in the certification path if possible.
   • Export all extended properties.
   • Enable certificate privacy.
3. Check the box to enable and specify a Password.
4. Determine the location to save the exported Certificate.

1. When prompted choose: "No, do not export the private key" then click Next.
2. Choose "DER encoded binary X.509 (.CER)".
3. Determine the location to save the exported Certificate.