We’re migrating product documentation to docs.vmware.com, starting with Carbon Black Cloud. Learn more.

CB Protection Certificate Installer

CB Protection Certificate Installer

The Certificate Installer is designed to instruct your agents to trust software signed with the new VMware Carbon Black certificate. Otherwise, when a future agent host package installer or rules installer is signed with that certificate, it may be blocked from installing.

 

Instructions for use for CB App Control version 8.1.6

The Certificate installer is a self-extracting zip. It can be uploaded to the server using the "Update Agent/Rule Versions" page in the console, the same way agent host packages are installed.  It will then be automatically placed into a specific directory where the CB App Control Reporter service will detect it and execute the zip.  It is also possible to move it to the server directly and run it, but the upload page is the recommended method.

 

Instructions for use for CB App Control version 8.1.4

The certificate installer utility cannot be uploaded to the server using the “Update Agent/Rule Versions” page in version 8.1.4. It is possible to move it to the server directly and run it. 

Who needs to use the Certificate installer?

8.1.8 Server and above - The new 2020 Certificates are included with the server, which is what will be used to sign any upcoming Rules and Host Package installers. It is not necessary to use the Certificate installer or run the SQL script for your agents to be installed.

  • Not necessary to use the Certificate installer 

 8.1.6 Server – The 2020 Certificates need to be added to support installing the upcoming Rules and Host Package installers.

  • Certificate installer can be uploaded to the server using the "Update Agent/Rule Versions" page in the console.
    OR
    Certificate installer can be run manually on the system

 

 8.1.4 Server  - The 2020 Certificates need to be added to support installing the upcoming Rules and Host Package installers.

  • Certificate installer can be run manually on the system

 

Log File

The certificate installer (whether run via the upload page or executed manually) will create a log file in %temp%\. If the install is successful the file is copied to C:\Program Files (x86)\Bit9\Parity Server\Support\.

 The file will be named something like this: CertificateInstaller-2019-05-22-152654.log

 Every time it is run, a unique file name will be generated, so you don't have to worry about overwriting one and losing it.

You can download the Certificate Installer below:

SHA 256 of CertificateInstaller_2020_5.exe - 132FB74EBBD77762C3C6BF3C2094F589AD31E3B96983D1AD1FFAC0AF9C905FDE

Download:

Click here to download.

Labels (2)
Comments

Regarding manual install of 8.1.4 server version, it would be nice if the command prompt that runs would show the actual progress, rather than it just closing with no success or fail message.  The requirement to have to manually check the log file after running the installer is a bit antiquated a methodology.

The file is not downloading.

Below error coming.

type Status Report

Description http.500

Apologies.  We are days away from migrating off the backend that is currently hosting these files (they are too large to host natively on the community platform.)

Can you please try: https://sflinks.carbonblack.com/73EZkcMS3yY/  

Sometimes an incognito browser helps.

Download link is not working:

 

HTTP Status 500 –


type Status Report

Description http.500

Sorry, the link seems to fail for a variety of reasons; sometimes an incognito browser helps, as does not being on VPN.  Can you pls let me know if either solved the issue?

Article Information
Author:
Creation Date:
‎04-27-2020
Views:
4583
Contributors