Environment

• CB Protection Console: All Supported Versions

Symptoms

• Old certificate is not getting updated even after successfully importing the new server certificate
• After importing the new server certificate, a message shows on the top for “New certificate was successfully imported and applied”
• Browser gives security warning and shows old certificate

Cause

• The local computer certificate store still has the old server certificate
• Certificate hasn't been updated in IIS

Resolution

Import the new server certificate to IIS and bind it to port 443:

• https://community.carbonblack.com/t5/Knowledge-Base/Cb-Protection-How-To-Bind-a-New-Certificate-to-P...

Delete the old certificate from the local computer’s certificate store:

1. Login to theCB Protection server
2. Navigate to Start > Run > type “mmc” > click OK.
3. On the Microsoft Management Console (mmc) window, go to the File menu > click on “Add/Remove Snap-in”
4. Select “Certificates” > click the “Add” button
5. Select “Computer account” > click “Next” > select “Local computer” > click “Finish” > then, click “OK
6. Delete the old CB Protection server certificates from the following locations:
   • Personal > Certificates
   • Trusted Root Certification Authorities > Certificates
   • Trusted People > Certificates
7. Open an admin CMD prompt
8. Run command:

   iisreset

9. Open Services.msc
10. Restart the CB Protection Server and CB Reporter services