My agents show a cert error when scanning. How do I update agents to use the certificate?

First, there are two parts to this update:
  • The java keystore, which contains the cert, packaged in an agent upgrade file
  • Two settings, which will indicate the location of the java keystore and the password, placed into an agent's configuration file

Java Keystore upgrade

Create the following structure with the keystore you have created for the clients:

bin
     MyJavaKeystore.jks

Next, zip up from the bin level, and call the patch something like: cert.2018.hotfix.zip. The word hotfix indicates this is not a standard agent upgrade.

Finally place this upgrade on the server at (Evolven Enlight)/Server/Tomcat 6.0/labsense-config/agent.upgrade/upgrades

This upgrade will now be available to push to agents that are failing with a cert error.

Settings in Configuration file

In the Evolven UI, navigate to Menu > Evolven Settings, search for Agent Files, choose Edit Global Agent Properties and add the following settings:

ssl.trust.store=bin/MyJavaKeystore.jks
ssl.trust.store.password=(the keystore password)



Select Update

Once these changes are made, and the agents are upgrade, the error should no longer be found when scans are run.