Version

All versions

Issue

This warning message seen in the Cb Protection console:

Server certificate has expired. Agents will not be able to connect to the server.

Cause

Cb Protection uses an SSL certificate to verify agent to server communication.   This certificate is set (by default) to expire after two years, and needs to be regenerated.

Solution

The SSL certificate can be managed in the Cb Protection console by navigating to the following page:

7.x: Administration > System Configuration > Security

8.x: Gear icon at the top right > System Configuration > Security

If you are using a self-signed certificate (this is the default option, and the most common scenario), you can regenerate the cert by clicking Edit, and then Generate to create a new certificate.   Agents will start reconnecting on their next checking, usually in just a few seconds.

If you are using a trusted certificate (one created by a CA, either internally or an external CA), you will need to have a new certificate generated by the CA, and imported at the bottom of the page under the section "Import Server Certificate From PKCS12 File".