Updating a Kaspersky Security Center Administration Server certificate
You must update the KSC server certificate in the following cases:
- The current certificate is compromised.
- The certificate has expired.
- The IP address of the device running Kaspersky IoT Secure Gateway 1000 has changed.
- Certificate need to be regularly updated in accordance with the information security requirements of your organization.
Loading widely known Certification Authority certificates is not recommended, as all servers that use certificates signed by these Certification Authority certificates will be trusted. This situation will lead to Kaspersky IoT Secure Gateway 1000 being compromised.
To add or remove a certificate:
- In the menu in the left part of the web interface page, select Settings → Administration Server.
On the Kaspersky Security Center Administration Server page that opens, the Certificate section displays data about the current Kaspersky Security Center Administration Server certificate (if loaded).
- In the Certificate section, do one of the following:
- If you need to upload a KSC server certificate, click Upload and select the certificate file in the opened window.
Only files in the CRT, CER, DER, or PEM format can be added as a certificate.
The new KSC server certificate will be uploaded to the system and the previously uploaded certificate will be deleted.
- If you need to delete the KSC server certificate, click the Delete button and confirm deletion.
If there is no KSC server certificate in the system, it is not possible to configure the settings for connecting to the Kaspersky Security Center server or to connect to the Kaspersky Security Center server.
- If you need to upload a KSC server certificate, click Upload and select the certificate file in the opened window.
