App Control: Why Does the Console Show Insecure (Not Trusted)?
search cancel

App Control: Why Does the Console Show Insecure (Not Trusted)?

book

Article ID: 286594

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Why does the browser generate a warning message when navigating to the App Control Console?

Environment

  • App Control Console: All Supported Versions
  • Microsoft IIS: All Supported Versions
  • Web Browser: All Supported Versions

Resolution

The browser is designed to verify all details of the certificate that is used for the URL entered. Please verify:
      • Most major browsers are designed to trust only certificates issued by a Trusted Authority. By default, Self-signed Certificates will not be trusted by most major browsers.
      • The URL entered in the browser matches the Server Address shown in the Console > System Configuration > General.
      • The browser used is supported.
      • The certificate has a Common Name that matches the Server Address.
      • The certificate has a properly formatted Subject Alternative Name:
      • The certificate is valid (not expired).
      • The certificate is properly bound to Port 443 in IIS.
      • The certificate is in the┬áTrusted Root Certification Authorities on the endpoint.

      Additional Information

      • Self-signed Certificates are not signed by a Trusted Authority and most browsers will prompt an error until the certificate is added to the Security Exceptions of the browser, or the Trusted Root Certification Authorities on the endpoint.
      • Adding the certificate to the Trusted Root Certification Authorities is outside the scope of Carbon Black Support and may require opening a case with the OS Vendor. See the Related Content for more details.
      • If Console access is available to the public it is recommended that a certificate issued by a Trusted Certificate Authority be used.