Generating a TLS certificate of the Endpoint Agent component in the web interface of Kaspersky Anti Targeted Attack Platform and downloading a crypto container

To generate and download a TLS certificate for the connection of Kaspersky Anti Targeted Attack Platform with the application that is being used in the Endpoint Agent component role:

Sign in to the Kaspersky Anti Targeted Attack Platform web interface with the administrator credentials.
In the Kaspersky Anti Targeted Attack Platform web interface window, select the Settings section, Certificates subsection.
In the Endpoint Agent certificates section, click Generate and export.
This opens the Export certificate window.
In the Protect the file with a password section, enter the password in the Password and Confirm password fields. We recommend safekeeping this password for future use because the application does not save this password.
The crypto container must be password-protected. It is not possible to add a crypto container with an empty password to Kaspersky Endpoint Security.
Click Export.

The new TLS certificate is displayed in the TLS certificate table. The crypto container file with the certificate of the application that acts as the Endpoint Agent in the PFX format is downloaded to your browser's downloads folder on your local computer.

For details on managing TLS certificates, see the OpenSSL documentation.

The crypto container contains only the certificate file, but not the private key file. Kaspersky Anti Targeted Attack Platform does not store private keys for the TLS encryption of the connection.