Generating SSL certificates for Kaspersky CyberTrace Web

Kaspersky CyberTrace Web uses an SSL certificate for HTTPS connections. By default, Kaspersky CyberTrace Web uses a self-signed certificate and a private key that are generated during the installation of Kaspersky CyberTrace.

The generated certificate is valid for two years. If it expires, you can generate a new SSL certificate by using the configurator (on Linux) or the executable installer (on Windows).

We recommend that you generate a certificate that will be trusted in your infrastructure, and then configure Kaspersky CyberTrace to use this certificate instead of the self-signed certificate.

Before making changes, create a backup copy of the existing private key, certificate, and Kaspersky CyberTrace Service configuration file.

To generate an SSL certificate for Kaspersky CyberTrace Web:

To generate a trusted certificate for Kaspersky CyberTrace Web:

  1. Create a private key and a trusted certificate:
    1. Create a new private and public key pair.
    2. Use the public key to generate an SSL Certificate Signing Request (CSR).
    3. Sign the CSR request by using the trusted CA

      This creates a trusted certificate for the private key.

  2. Convert the private key and the trusted certificate to PEM format.
  3. Copy both the private key and the certificate to the %service_dir%/httpsrv directory.
  4. Edit the GUISettings > HTTPServer > SSLCertificatePath and GUISettings > HTTPServer > SSLPrivateKeyPath elements of the Kaspersky CyberTrace Service configuration file if necessary so that they will contain the paths to the certificate and private key respectively.

    Save the Kaspersky CyberTrace Service configuration file.

  5. Restart Kaspersky CyberTrace Service.
Page top