Configuring a trusted connection on the Kaspersky Endpoint Agent side

To configure a trusted connection of Kaspersky Sandbox with Kaspersky Endpoint Agent on the Kaspersky Endpoint Agent side:

1. Open the Kaspersky Security Center Administration Console.
2. In the console tree, select the Policies folder.
3. Select Kaspersky Endpoint Agent policy and open its properties window in one of the following ways:
   • Double-click the policy name.
   • Select Properties in the policy context menu.
   • Select the Configure policy settings item in the right part of the window.
4. In the Kaspersky Sandbox integration section select the Kaspersky Sandbox integration settings subsection.
5. In the Kaspersky Sandbox integration settings group, enable the Use pinned certificate to protect connection option.
6. Click Add new TLS certificate.
7. Do one of the following to add a TLS certificate created on the Kaspersky Sandbox side:
   • Add a certificate file. To do so, click Browse, and in the window that is displayed, select the certificate file and click Open.
   • Copy and paste the contents of the certificate file to the Paste TLS certificate data field.

   Kaspersky Endpoint Agent can have only one TLS certificate of a Kaspersky Sandbox server. If you have added a TLS certificate before and are adding a TLS certificate again, only the last added certificate is used.

8. Click Add.

   Information about the added TLS certificate is displayed in the Kaspersky Sandbox integration settings group.

9. In the upper right corner of the settings group, change the switch from Unaffected by policy to Under policy.
10. Click OK.

Trusted connection to the Kaspersky Sandbox server is configured.