Carbon Black App Control uses SSL security for communication between its server and its agents.
By default, this security is based on a self-signed Carbon Black security certificate that is generated when the Carbon Black App Control Server is installed, although you can supply a different certificate as part of the installation process.
The System Configuration Security tab displays the Agent Server Communications configuration page. You can make the following changes:
- If the current certificate for agent-server communications is self-signed, you can edit its details.
- You can import another certificate from a PKCS#12 file, either your own self-signed certificate or from a certificate authority.
- You can increase security by enabling certificate verification so that computers running the agent always verify that the correct certificate exists on the Carbon Black App Control Server. This is a one-time change with no reversal. You can do this for certificates from known certificate authorities, and possibly with your own self-signed certificates imported into Carbon Black App Control. Do not enable verification for the self-signed certificates created during the Carbon Black App Control server installation process.