Updating certificates

It is recommended to update the administrator certificate or Kaspersky Security Center server certificate in the following cases:

• Current certificates have been compromised.
• Certificates have expired.
• Certificates need to be regularly updated in accordance with information security requirements.

When updating the administrator certificate in the Kaspersky IoT Secure Gateway 1000 web interface, you may need to restart the browser or clear the cache of the current user session in Kaspersky IoT Secure Gateway 1000.

Loading widely known Certification Authority certificates is not recommended, as all servers that use certificates signed by these Certification Authority certificates will be trusted. This situation will lead to Kaspersky IoT Secure Gateway 1000 being compromised.

To add or remove a certificate:

1. In the menu in the left part of the web interface page, select Settings → System security.

   This opens a window displaying the following information about certificates:

   • The Administrator certificate area shows data on the current administrator certificate.
   • The Kaspersky Security Center server certificate area shows data on the current certificate of the Kaspersky Security Center server.
2. If you need to replace the administrator certificate with a new one, in the Administrator certificate block click the Upload button and select the certificate file in the opened window.

   Only files in the CRT, CER, DER, or PEM format can be added as a certificate.

   The new administrator certificate will upload to the system and the previously uploaded certificate will be deleted.

   Kaspersky IoT Secure Gateway 1000 does not let you delete an administrator certificate without replacing the certificate with a new one.

3. If you need to add or delete a certificate previously uploaded to the Kaspersky Security Center server, complete one of the following steps in the Kaspersky Security Center server certificate block:
   • If you need to upload a Kaspersky Security Center server certificate, click the Upload button and select the certificate file in the open window.

     Only files in the CRT, CER, DER, or PEM format can be added as a certificate.

     The new Kaspersky Security Center server certificate will upload to the system and the previously uploaded certificate will be deleted.

   • If you need to delete the KSC server certificate, click the Delete button and confirm deletion.

     If there is no KSC server certificate in the system, it is not possible to configure the settings for connecting to the Kaspersky Security Center server or to connect to the Kaspersky Security Center server.

Page top