Carbon Black App Control uses SSL security for communication between its server and its agents.

By default, this security is based on a self-signed Carbon Black security certificate that is generated when the Carbon Black App Control Server is installed, although you can supply a different certificate as part of the installation process.

The System Configuration Security tab displays the Agent Server Communications configuration page. You can make the following changes:

  • If the current certificate for agent-server communications is self-signed, you can edit its details.
  • You can import another certificate from a PKCS#12 file, either your own self-signed certificate or from a certificate authority.
  • You can increase security by enabling certificate verification so that computers running the agent always verify that the correct certificate exists on the Carbon Black App Control Server. This is a one-time change with no reversal. You can do this for certificates from known certificate authorities, and possibly with your own self-signed certificates imported into Carbon Black App Control. Do not enable verification for the self-signed certificates created during the Carbon Black App Control server installation process.

The Security tab of the System Configuration