App Control: How to Revert SSL Strong Mode/Certificate Verification When Enabled Accidentally

App Control: How to Revert SSL Strong Mode/Certificate Verification When Enabled Accidentally

Environment

  • App Control Server: All Versions
  • Certificate Verification/SSL Strong Mode enabled

Objective

Revert the changes made by accidentally enabling Certificate Verification/SSL Strong Mode.

Resolution

  1. Login to the console as an admin
  2. Head to: https://<bit9 server>/shepherd_config.php
  3. Find the Defined Property value of "SSLMode"
  4. Change the value to 1
  5. Save the changes

Any agents that do not check in after making this change will need to be manually updated via command line:

  1. cd C:\Program Files (x86)\Bit9\Parity Agent
  2. dascli password <CLI/Global CLI Password>
  3. dascli sslmode 1

Additional Notes

There are two other workarounds that can be applied to the agents that do not check in after reverting the SSLMode:
1) Use the following solution to manually import the self-signed certificate: Exporting and importing self-signed certificate for disconnected machine
2) Purchase a 3rd Party Verifiable Certificate from a CA and deploy this to the server and all agents.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎02-01-2018
Views:
1459
Contributors