Support

Support for business applications

Kaspersky XDR Expert

Working with Open Single Management Platform

Configuring Administration Server

Certificates for work with Open Single Management Platform

Replacing the Administration Server certificate by using the klsetsrvcert utility

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Replacing the Administration Server certificate by using the klsetsrvcert utility

May 15, 2024

ID 227838

Get as PDF

To replace the Administration Server certificate,

On the administrator host where the KDT utility is located, run the following command:

./kdt invoke ksc --action klsetsrvcert --param ksc_server_certificate=<path_to_new_certificate> --param ksc_server_cert_pass=<password>

where:

  • <path_to_new_certificate> is the path to the container with the certificate and a private key in the PKCS #12 format (file with the .P12 or .PFX extension).
  • <password> is the password used for protection of the PKCS #12 container. The certificate and a private key are stored in the container, therefore, the password is required to decrypt the file with the container.

By default, certificate validation parameters are not specified, a custom certificate without signing permission is used. You can replace the common certificate for port 13000.

You do not need to download the klsetsrvcert utility. It is included in the Kubernetes cluster and is not available for direct running. You can run the klsetsrvcert utility only by using KDT from the administrator host.

See also:

Scenario: Specifying the custom Administration Server certificate

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.