Updating CA signed SSL certificate on Bigfix Compliance and Inventory

anon94681514 · February 7, 2023, 7:58pm

Hi

Current SSL certificates on both Bigfix Compliance and Inventory have expired and because of that, I am not able to browse to BFI or SCA portal to update the ssl cert and private key via Dashboard > Server Settings > Download certificate.

All Browsers (Chrome/Edge/IE) throws error “Your connection is not private” and does not have option in the advance button to proceed.

Is there a backend way inside the application using config files or some other way to replace the expired certificate with the new one? I looked in server.xml & jvm.options files and don’t see any option.

JasonWalker · February 7, 2023, 8:01pm

There is, but it’s complicated. I can look it up later, but first in chrome see if typing “thisisunsafe” anywhere on the SSL error page allows you to bypass it…

Edit: actually you should open a support ticket, I know there were changes in recent versions and I’m not confident the procedure I came up with is up-to-date with the changes.

anon94681514 · February 7, 2023, 8:08pm

Thanks Jason, I will reach out ot the Bigfix support.

anon94681514 · February 7, 2023, 8:31pm

Jason, actually I was able to use “thisisunsafe” option in Chrome to get pass the warning and then replace the certificate and private key.

Thanks a lot for your help.