Browser Reports the Console Is Insecure, Not Private, or Not Trusted
search cancel

Browser Reports the Console Is Insecure, Not Private, or Not Trusted

book

Article ID: 286594

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Browser generates an error when loading the App Control Console, example:

Your connection is not private

Attackers might be trying to steal your information from SERVER ADDRESS (for example, passwords, messages, or credit cards).

NET::ERR_CERT_AUTHORITY_INVALID

Environment

  • App Control Console: All Supported Versions
  • Microsoft IIS: All Supported Versions
  • Web Browser: All Supported Versions

Cause

The browser is designed to verify all details of the certificate that is used for the address entered. Some aspect of the certificate is failing the browser's requirements.

Resolution

  • Most major browsers are designed to trust only certificates issued by a Trusted Authority.
    • By default, Self-signed Certificates will not be trusted by most major browsers.
  • The URL entered in the browser matches the Server Address shown in the Console > System Configuration > General.
  • The browser used is supported.
  • The certificate is valid:
    • Common Name that matches the Server Address.
    • Properly formatted Subject Alternative Name
    • Expiration date is in the future
  • The certificate is properly bound to Port 443 in IIS.
  • The certificate is in the Trusted Root Certification Authorities on the endpoint.

Additional Information

  • Self-signed Certificates are not signed by a Trusted Authority and most browsers will prompt an error until the certificate is added to the Security Exceptions of the browser, or the Trusted Root Certification Authorities on the endpoint.
  • Adding the certificate to the Trusted Root Certification Authorities is outside the scope of Carbon Black Support and may require opening a case with the OS Vendor. See the Related Content for more details.
  • If Console access is available to the public it is recommended that a certificate issued by a Trusted Certificate Authority be used.