When using ReChecked Manager, each organization has it’s own securely generate CA certificate. This certificate and it’s key are stored encrypted in the Manager and is used to sign the certificates created for your agents. You can download the certificate portion to install on the machines you want to be able to trust the certificates signed buy your organization’s CA. This ensures that you can connect to your agents in the Agent Dashboard in the Manager and connect over HTTPS with a valid SSL connection.
Download Organization CA Certificate
In order to secure your agents and configs you’ll need to install all your organization CA certificates on your local machines and your monitoring system’s machine. To get to your organization’s CA certificate navigate to your account icon in the upper right corner, click it and go to My Account, then under Organizations, open the accordion for the organization you want and click Show CA Certificate. You can then download the .crt file.
To install, see directions for each operating system’s instructions below:
Note: You can also install the certificates directly into your browser, for the machine you’re using the Manager on, but for your monitoring system, it needs to be globally trusted.
Installing on Linux
CentOS / RHEL / Alma / Rocky / Cloud
Copy the ca .crt file you downloaded from the beginning to the following directory:
/etc/pki/ca-trust/source/anchors/
Once copied, you need to run the following command as root or via sudo:
update-ca-trust
You should now be able to connect to the agents that are in ReChecked Manager without SSL security errors.
Ubuntu / Debian
Ensure you have the ca-certificates package installed:
sudo apt-get install -y ca-certificates
Copy the ca certificate into the directory:
/usr/local/share/ca-certificates
After you’ve added the ca certificate to the directory, you need to run the update command:
sudo update-ca-certificates
You should now be able to connect to the agents that are in ReChecked Manager without SSL security errors.
Installing on Windows
Once you’ve downloaded the above .crt file to your Windows system. Right-click on the file and select Open.
You should see a screen like this:
Click on the button that says Install Certificate…
When in the import wizard, select Current User if you only want to install it for your account, otherwise select Local Machine for the whole system.
On the next page, select Place all certificates in the following store…
Select the Trusted Root Certification Authorities as the certificate store. This will tell your local system to trust certificates that have been signed by your organization’s CA certificate.
Click next to review your changes and then click finish to apply.
You should now be able to connect to the agents that are in ReChecked Manager without SSL security errors.
Installing on MacOS
Download or copy the .crt file from your organization. Double click on the certificate file.
Enter your administration password and click Modify Keychain.
Go to the search in the upper right and search for Keychain Access, and then select Keychain Access from the search results.
Under the System keychain, select the rcmanager certificate that was added and righ-click and select Get Info.
On the new popup screen open the Trust settings. Under the SSL section, select Always Trust.
You should now be able to connect to the agents that are in ReChecked Manager without SSL security errors.