App Control: Why Does the Console Show Insecure (Not Trusted)?
Article ID: 286594
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Why does the browser generate a warning message when navigating to the App Control Console?
Environment
- App Control Console: All Supported Versions
- Microsoft IIS: All Supported Versions
- Web Browser: All Supported Versions
Resolution
The browser is designed to verify all details of the certificate that is used for the URL entered. Please verify:
- Most major browsers are designed to trust only certificates issued by a Trusted Authority. By default, Self-signed Certificates will not be trusted by most major browsers.
- The URL entered in the browser matches the Server Address shown in the Console > System Configuration > General.
- The browser used is supported.
- The certificate has a Common Name that matches the Server Address.
- The certificate has a properly formatted Subject Alternative Name:
- The certificate is valid (not expired).
- The certificate is properly bound to Port 443 in IIS.
- The certificate is in the Trusted Root Certification Authorities on the endpoint.
Additional Information
- Self-signed Certificates are not signed by a Trusted Authority and most browsers will prompt an error until the certificate is added to the Security Exceptions of the browser, or the Trusted Root Certification Authorities on the endpoint.
- Adding the certificate to the Trusted Root Certification Authorities is outside the scope of Carbon Black Support and may require opening a case with the OS Vendor. See the Related Content for more details.
- If Console access is available to the public it is recommended that a certificate issued by a Trusted Certificate Authority be used.
Feedback
Yes
No
Powered by
