When I access to MyApps a warning is displayed or any other page related to the agent web interface. To access to the pages, I have to click on "Advanced..." then "Accept the Risk and Continue":



Should I be worried?

Getting a certificate warning, on trying to access the webconsole?

This is being displayed because this certificate is unknown to the system as of now. This is resolved by importing the certificate from the C:\Program Files\BMC Software\Client Management\Master\bin\certs\auth\_CHECKSUM_\BCM.crt. More information here: Client Management: How to identify the certificate authority trusted by the master

1- Windows:

Method A: Manual Certificate Import

1. Open the folder C:\Program Files\BMC Software\Client Management\Master\bin\certs\auth\<checksum>\BCM.crt. More information here: Client Management: How to identify the certificate authority trusted by the master
2. Right click on the certificate and select "Install Certificate"
3. Choose Local Machine in the import dialog and select NEXT
4. Choose Place all Certification in the following store then browse and select -> Trusted Root Certification Authorities.
5. Close then reopen the browser and browse to the agent web interface
6. Make sure the error is not displayed anymore

More information on using the certificate import wizard is available from Microsoft, and for the purposes of this article, steps 5 through 9 from this TechNet blog post can be followed.

Method B: Using MMC snap-in

1. Run the following command line: "mmc"
2. Add snap-ins from File > Add/Remove Snap-in > Certificates > Local computer and Users
3. Go to Certificates > Trusted Root Certification Authority > certificates > Right click > All Tasks > Imports > From C:/Program Files/BMC Software/Client Management/Client /bin/certs/auth 
4. Click on Data Modified (Choose latest date folder) and choose the .crt file to import. Click Yes.
5. Run gpupdate /force as an administrator
6. Close then reopen the browser and browse to the agent web interface
7. Make sure the error is not displayed anymore

Method C: GPO

The best method, if a domain is available, is to distribute certificates to computers through a GPO.

1. Make sure that the Active directory does have Active Directory Certificate Services installed.
2. Click Start, point to Administrative Tools, and then click Group Policy Management.
3. Then:
   1. Find an existing Group Policy object (GPO) or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit (OU) where the appropriate user and computer accounts reside.
   2. Right-click the GPO, and then click Edit.
   3. In the console tree, open Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies, right-click Trusted Root Certification Authorities, and then click Import.
   4. On the Welcome to the Certificate Import Wizard page, click Next.
   5. On the File to Import page, type the path to the appropriate certificate files (for example, our bcm file From C:\Program Files\BMC Software\Client Management\Master\bin\certs\auth\<checksum>\BCM.crt.The correct cert to import may vary and should be verified by reviewing the definition of CertsAuth= in the \Master\config\mtxagent.ini file. More information here: How to identify the authorities trusted by the master
   6. On the Certificate Store page, click Place all certificates in the following store, and then click Next.
   7. On the Completing the Certificate Import Wizard page, verify that the information provided is accurate, and then click Finish.
   8. Run gpupdate /force as an administrator
   9. Close then reopen the browser and browse to the agent web interface
   10. Make sure the error is not displayed anymore

Method D: Through a package: