App Control: Old Certificate Not Updating to New
search cancel

App Control: Old Certificate Not Updating to New


Article ID: 289330


Updated On:


Carbon Black App Control (formerly Cb Protection)


  • Old certificate is not getting updated even after successfully importing the new server certificate
  • After importing the new server certificate, a message shows on the top for “New certificate was successfully imported and applied”
  • Browser gives security warning and shows old certificate


  • App Control Console: All Supported Versions
  • IIS Manager: All Supported Versions


  • The local computer certificate store still has the old server certificate
  • Certificate hasn't been updated in IIS


  • Import the new server certificate to IIS and bind it to port 443:
  • Delete the old certificate from the local computer’s certificate store:
  1. Login to the CB App Control physical server
  2. Navigate to Start > Run > type “mmc” > click OK.
  3. On the Microsoft Management Console (mmc) window, go to the File menu > click on “Add/Remove Snap-in”
  4. Select “Certificates” > click the “Add” button
  5. Select “Computer account” > click “Next” > select “Local computer” > click “Finish” > then, click “OK
  6. Delete the old App Control Server certificates from the following locations:
    • Personal > Certificates
    • Trusted Root Certification Authorities > Certificates
    • Trusted People > Certificates
  7. Open an admin CMD prompt
  8. Run command:
  9. Open Services.msc
  10. Restart the App Control Server and CB Reporter services