I copied the 2 files in the correct folder. I restarted the server. I service-wrapper.log file (seen in the previous link), I find some errors:
Thu, 02 Oct 2025 09:11:13 -0400 – WebUI service version 11.0.4.60 starting
Thu, 02 Oct 2025 09:11:13 -0400 – OpenSSL Initialized (Non-FIPS Mode)
Thu, 02 Oct 2025 09:11:13 -0400 – Using OpenSSL crypto library OpenSSL 3.2.4 11 Feb 2025
Thu, 02 Oct 2025 09:11:13 -0400 – [WebUI] Found updated WebUI Common site WebUI Common v96 available for download
Thu, 02 Oct 2025 09:11:14 -0400 – [WebUI] WebUISiteDownloader error: File error “class FileIOError” on “D:\Program Files (x86)\BigFix Enterprise\BES WebUI\Mirror\WebUI Common\node-win-x64.exe” : “Windows Error 0x20%: The process cannot access the file because it is being used by another process.”
Thu, 02 Oct 2025 09:11:24 -0400 – [WebUI] Stopping WebUI service app
Thu, 02 Oct 2025 09:12:24 -0400 – [WebUI] Found updated WebUI Common site WebUI Common v96 available for download
Thu, 02 Oct 2025 09:12:24 -0400 – [WebUI] WebUISiteDownloader error: File error “class FileIOError” on “D:\Program Files (x86)\BigFix Enterprise\BES WebUI\Mirror\WebUI Common\service-app.besarchive” : “Windows Error 0x20%: The process cannot access the file because it is being used by another process.”
Thu, 02 Oct 2025 09:13:13 -0400 – [WebUI] Starting WebUI service app
Thu, 02 Oct 2025 09:13:22 -0400 – [WebUI] process started
Thu, 02 Oct 2025 09:13:26 -0400 – [WebUI] Found updated WebUI Common site WebUI Common v96 available for download
The errors you are showing do not appear to be related to the certificate. Those indicate something is blocking the WebUI processes (node.exe) from writing to the files in its application area.
This might be from changing the “Log On As” in the Service to a non-administrator account; permissions changes you’ve applied on the directory; or a third-party EDR package (CrowdStrike, Carbon Black, etc) locking down those directories .
I’ll post the link on applying a custom certificate shortly but I don’t think that’s your problem from the logs. You may wish to open a support ticket if these clues don’t help.
This link has instructions for applying custom certificates to WebUI. You’ll need to provide a PEM encoded certificate and PEM-encoded private key file separately.
I don’t have a folder called C:\Program Files (x86)\BigFix Enterprise\BES Server\WebUI. My installation was done in the D: drive. I cannot find a “WebUI” folder under my D:\Program Files (x86)\BigFix Enterprise\BES Server.
I have copied my 2 files under D:\Program Files (x86)\BigFix Enterprise\BES WebUI\WebUI and restarted the service but certificates don’t seem to be applied. Is there a log/trace where I can see errors?
You can copy certificate and key where you want, but make sure the settings _WebUIAppEnv_WEB_CERT_FILE _WebUIAppEnv_WEB_KEY_FILE
have your cert/key path.
Hi
Thanks for the hint.
These 2 keys from HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BigFix\EnterpriseClient\Settings\Client\ have been correctly set.
Anything else? Any logs?