Server Certificate Missing From/Or Blank Trusted Certificate File After Server Upgrade From 8.6 or Older
Article ID: 290821
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
- App Control server app was upgraded from 8.6.x or lower server version
- The "TrustedCertList.pem" file could be blank
- Very slow web console where pages take several minutes to load
- Multiple Agents show as disconnected or with "Red" dots on the Computers page
- Agent Health Check Errors Failureid[970] or FailureId[960]
Environment
- App Control Server: 8.7 and higher
Cause
The Server Certificate wasn't automatically added to the Trusted Communication Certificates list during the Server upgrade.
This also results in an invalid TrustedCertList.pem file that prevents normal Agent-Server communication.
Resolution
- Export the Server Certificate as .CER file
- Log in to the Console and navigate to Settings > System Configuration > Security
- Scroll down to Trusted Communication Certificates > Import Certificate > Select the CER file exported previously
- In the confirmation menu > click the checkbox next to the certificate > Select to Import
Feedback
Yes
No
Powered by
