Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Why Does the Console Show Insecure (Not Trusted)?

App Control: Why Does the Console Show Insecure (Not Trusted)?


  • App Control Console: All Supported Versions
  • Microsoft IIS: All Supported Versions
  • Web Browser: All Supported Versions


Why does the browser generate a warning message when navigating to the App Control Console?


The browser is designed to verify all details of the certificate that is used for the URL entered. Please verify:
      • Most major browsers are designed to trust only certificates issued by a Trusted Authority. By default, Self-signed Certificates will not be trusted by most major browsers.
      • The URL entered in the browser matches the Server Address shown in the Console > System Configuration > General.
      • The browser used is supported.
      • The certificate has a Common Name that matches the Server Address.
      • The certificate has a properly formatted Subject Alternative Name:
      • The certificate is valid (not expired).
      • The certificate is properly bound to Port 443 in IIS.
      • The certificate is in the Trusted Root Certification Authorities on the endpoint.

      Additional Notes

      • Self-signed Certificates are not signed by a Trusted Authority and most browsers will prompt an error until the certificate is added to the Security Exceptions of the browser, or the Trusted Root Certification Authorities on the endpoint.
      • Adding the certificate to the Trusted Root Certification Authorities is outside the scope of Carbon Black Support and may require opening a case with the OS Vendor. See the Related Content for more details.
      • If Console access is available to the public it is recommended that a certificate issued by a Trusted Certificate Authority be used.

      Related Content

      Labels (1)
      Tags (2)
      Was this article helpful? Yes No
      No ratings
      Article Information
      Creation Date: