Uploading a TLS certificate of the Central Node server or Sensor to Kaspersky Endpoint Agent
To upload a TLS certificate of the Central Node or Sensor server to Kaspersky Endpoint Agent:
Open the KSC Console.
In the console tree, open the Policies folder.
In the Kaspersky Endpoint Agent policy section, select the required policy and double-click it to open its properties.
The properties of the selected policy are displayed.
In the KATA integration section, select the KATA integration settings subsection.
Select the Enable KATA integration check box.
In the Address field, enter the address of the Central Node server of the Kaspersky Anti Targeted Attack Platform program that you want to configure integration with, and select a port to use for the connection. Port 443 is used by default.
Select the Use pinned certificate to secure connection check box.
Click Add new TLS certificate....
This opens the Adding TLS certificate window.
To add a TLS certificate previously created on the Kaspersky Anti Targeted Attack Platform side and downloaded, do one of the following:
Add a certificate file. To do so, click Browse...; in the window that is displayed, select a certificate file and click Open.
Paste the content of the certificate file to the Paste TLS certificate data: field.
Kaspersky Endpoint Agent can store only one TLS certificate for the Kaspersky Anti Targeted Attack Platform server. If you have added a TLS certificate before and are adding a TLS certificate again, only the last added certificate is used.
If you have configured traffic redirection to the server with the Sensor component, you must download the TLS certificate of the Sensor server and then upload it here.
Click Add.
Information about the added TLS certificate is displayed in the section for integration with Kaspersky Anti Targeted Attack Platform.
Make sure the toggle switch in the upper right corner of the group of settings is in the Under policy position.
Click OK.
The TLS certificate of the Central Node server is downloaded to Endpoint Agent.