Error During Certificate Replacement or Import: Could Not Add Certificate to Agent Trust

search cancel

Error During Certificate Replacement or Import: Could Not Add Certificate to Agent Trust

book

Article ID: 395994

calendar_today

Updated On:

Products

Carbon Black App Control

Issue/Introduction

When importing a new Communication Certificate to the Console the following error is returned:

Error importing certificate: Could not add certificate to agent trust

Environment

App Control Console: All Supported Versions

Cause

A restriction on the Service Account, or other hardening surrounding the Local Machine Certificates, is preventing the application from properly adding the certificate chain to the application server.

Resolution

Verify the certificate being used is a valid PFX or PKCS#12 Certificate File, and in a directory available to the Carbon Black Service Account.
Verify Carbon Black Service Account permissions
- In some instances STIG Recommendations or other hardening may need to be temporarily removed.

Additional Information

Replace the Server Certificate
Duplicate Trusted Communication Certificates

Feedback

thumb_up Yes

thumb_down No