FailureId[990] Untrusted Server Certificate Issuer

Article ID: 286556

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Agent Disconnected
  • Trace.bt9 log (created with high debugging enabled) shows entries similar to:
    2024-05-20T12:53:21-03:00 130744302 (0EA0) - HealthCheckContext::AddFailure: Health Check Failure Severity[High]: Untrusted server certificate. Issuer [<IssuerHere>], Serial Number [<SerialNumberHere>]
    2024-05-20T12:53:21-03:00 130744302 (0EA0) - Event String[2637] Subtype[447] Params[Untrusted server certificate. Issuer [<IssuerHere>], Serial Number [SerialNumberHere]][Options[00000003] TotalFailures[8]][990] File[] Process[ (4294967295)] User[] CLVer[156157] RuleId[0] CalculatedTime[133605651641395727] State[00000000]
  • Agent is failing Health Checks with:
    Carbon Black App Control Agent detected a problem: Untrusted server certificate Issuer [CERTIFICATE AUTHORITY], Serial Number [SERIAL] .... FailureId[990]

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions

Cause

The current App Control Server Certificate is not Trusted in the Trusted Communication Certificates list, or the certificate is not trusted by the Operating System.

Resolution

  1. Manually run a Health Check to verify the failure persists.
  2. Verify the Resource Download Location (RDL) specified is correct and traffic is not blocked by the firewall.
    1. If using an Alternate RDL, verify the updated TrustedCertList.pem file has been copied accordingly.
    2. Verify the certificate bound to Port 443 on the RDL is valid. If necessary, import and bind a valid certificate.
  3. Log in to the Console and navigate to System Configuration > Security.
    1. Note the Thumbprint listed in the Current Server Certificate Details.
    2. Scroll down and verify the same Thumbprint is Trusted in the Trusted Communication Certificates.
    3. If the Thumbprint is not listed, import the Public Key version of the certificate.
  4. If still experiencing issues:
    1. Manually import the certificate on the endpoint.
    2. Manually import the updated TrustedCertList.pem.
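
The thumbprint check from steps 2.1 and 3.2 can also be run against a copy of TrustedCertList.pem taken from the RDL. The following is an added example, not part of the original article or the product's tooling. It assumes the file is a standard PEM bundle and that the Console's Thumbprint is the SHA-1 (or SHA-256) hash of the certificate's DER encoding; the sample bytes are constructed placeholders, not real certificates.

```python
import base64
import hashlib
import re

PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL)

def normalize_thumbprint(text):
    """Keep hex digits only: drops spaces, colons and the invisible U+200E
    mark that Windows certificate dialogs can prepend when copying."""
    return "".join(c for c in text if c in "0123456789abcdefABCDEF").upper()

def bundle_thumbprints(pem_text, algo="sha1"):
    """Thumbprint (hash of the DER encoding) of every certificate in a bundle."""
    return [hashlib.new(algo, base64.b64decode("".join(body.split())))
            .hexdigest().upper() for body in PEM_CERT.findall(pem_text)]

def is_trusted(console_thumbprint, pem_text):
    """True if the Console's thumbprint matches a certificate in the bundle."""
    wanted = normalize_thumbprint(console_thumbprint)
    algo = {40: "sha1", 64: "sha256"}.get(len(wanted))
    if algo is None:
        raise ValueError("expected 40 (SHA-1) or 64 (SHA-256) hex digits")
    return wanted in bundle_thumbprints(pem_text, algo)

# --- Constructed sample data: placeholder bytes, not real certificates. ---
def _pem(der):
    b64 = base64.b64encode(der).decode()
    rows = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN CERTIFICATE-----\n{rows}\n-----END CERTIFICATE-----\n"

SERVER_DER = b"constructed stand-in for the current server certificate " * 3
OLD_DER = b"constructed stand-in for a superseded server certificate " * 3
STALE_BUNDLE = _pem(OLD_DER)                       # copy that was never updated
UPDATED_BUNDLE = _pem(OLD_DER) + _pem(SERVER_DER)  # copy after the update

# Thumbprint as it might be pasted from a dialog: U+200E prefix, spaced pairs.
_hex = hashlib.sha1(SERVER_DER).hexdigest()
CONSOLE_THUMBPRINT = "\u200e" + " ".join(
    _hex[i:i + 2] for i in range(0, len(_hex), 2))

if __name__ == "__main__":
    for name, bundle in (("stale", STALE_BUNDLE), ("updated", UPDATED_BUNDLE)):
        print(name, "bundle trusts server certificate:",
              is_trusted(CONSOLE_THUMBPRINT, bundle))
```

A stale bundle on an Alternate RDL shows up here as a thumbprint that is Trusted in the Console but absent from the file the agents actually download.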

Additional Information

  • SSL Inspection on port 41002 can prevent an otherwise Trusted Certificate from being validated against the App Control Server.
  • If the Trusted Communication Certificates list is not visible, refer to:
  • If the issue persists, please open a case with Support.