Exporting the Trusted Communication Certificate
search cancel

Exporting the Trusted Communication Certificate

book

Article ID: 286500

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

To export the certificate used for Agent-Server Communication that is shown in the Console > System Configuration > Security > Current Server Certificate

Environment

  • App Control Console: All Supported Versions
  • Microsoft Windows Server: All Supported Versions

Resolution

Locating The Relevant Certificate For Export:
  1. Log in to the App Control Console and navigate to the gear icon > System Configuration > Security.
  2. Take note of the Current Server Certificate Details (Common Name, Expiration Date, Thumbprint)
  3. Log in to the application server hosting the Console as the Carbon Black Service Account.
  4. Click Start > Run > certlm.msc > OK.
  5. In the left-hand pane expand: Trusted People > Certificates.
  6. Right click the relevant Certificate in the right-hand pane and choose: All Tasks > Export.
Exporting for import on Endpoints or for import to the Trusted Communication Certificates table (.CER):
  1. When prompted choose: "No, do not export the private key" then click Next.
  2. Choose "DER encoded binary X.509 (.CER)".
  3. Determine the location to save the exported Certificate.

Exporting for Backup or import to the IIS manager (.PFX):

  1. When prompted choose: "Yes, export the private key" then click Next.
  2. Check the options:
    • Include all certificates in the certification path if possible.
    • Export all extended properties.
    • Enable certificate privacy.
  3. Check the box to enable and specify a Password.
  4. Determine the location to save the exported Certificate.
Powered by Wolken Software