What is the Issue?

Security Controls uses a self-signed SHA-2 root certificate to issue the console, agent and scheduler certificates used within the product. Some security tools, however, may see the self-signed certificate as a medium level security risk. To be clear, Security Controls does not have a certificate security issue, but these tools have no way of determining that information. If you want to stop the Security Controls certificate from being flagged as a warning, you have the option to use a trusted certificate authority (CA) from your own PKI infrastructure to issue a replacement root certificate for Security Controls.

This section describes the tasks you must perform if you wish to replace the default Security Controls root certificate with a certificate that is issued by your own CA.