Updating CA signed SSL certificate on Bigfix Compliance and Inventory


Current SSL certificates on both Bigfix Compliance and Inventory have expired and because of that, I am not able to browse to BFI or SCA portal to update the ssl cert and private key via Dashboard > Server Settings > Download certificate.

All Browsers (Chrome/Edge/IE) throws error “Your connection is not private” and does not have option in the advance button to proceed.

Is there a backend way inside the application using config files or some other way to replace the expired certificate with the new one? I looked in server.xml & jvm.options files and don’t see any option.

There is, but it’s complicated. I can look it up later, but first in chrome see if typing “thisisunsafe” anywhere on the SSL error page allows you to bypass it…

Edit: actually you should open a support ticket, I know there were changes in recent versions and I’m not confident the procedure I came up with is up-to-date with the changes.

1 Like

Thanks Jason, I will reach out ot the Bigfix support.

Jason, actually I was able to use “thisisunsafe” option in Chrome to get pass the warning and then replace the certificate and private key.

Thanks a lot for your help.

1 Like