Updating Kaspersky Sandbox TLS certificate data in Kaspersky Endpoint Agent

This Help provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

When replacing the TLS certificate of Kaspersky Sandbox server, you will need to update TLS certificate data in Kaspersky Endpoint Agent and reconfigure trusted connection with Kaspersky Sandbox.

To update Kaspersky Sandbox TLS certificate data in Kaspersky Endpoint Agent:

  1. Open Kaspersky Security Center Administration Console.
  2. In the console tree, open the Policies folder.
  3. Select Kaspersky Endpoint Agent policy and open its properties window in one of the following ways:
    • Double-click the policy name.
    • Select Properties in the policy context menu.
    • Select the Configure policy settings item in the right part of the window.
  4. In the Kaspersky Sandbox integration section select the Kaspersky Sandbox integration settings subsection and the Kaspersky Sandbox integration settings group of settings.
  5. Select the Use pinned certificate to secure connection check box.
  6. Click the Add new TLS certificate button.

    The Adding TLS certificate window opens.

  7. Perform one of the following actions to add a TLS certificate created on Kaspersky Sandbox side:
    • Add a certificate file. Click Browse, and in the window that opens, select the certificate file and click Open.
    • Copy and paste the contents of the certificate file to the Paste TLS certificate data field.

    Kaspersky Endpoint Agent may have only one TLS certificate of Kaspersky Sandbox server. If you have added a TLS certificate before and then add a TLS certificate once again, only the last added certificate is valid.

  8. Click Add.

    Information about the added TLS certificate is displayed in the Kaspersky Sandbox integration settings group of settings.

  9. In the upper right corner of the settings group, change the switch from Policy not enforced to Under policy.
  10. Click OK.

As a result, Kaspersky Sandbox server TLS certificate data is updated and trusted connection with Kaspersky Sandbox is established.

See also

Configuring trusted connection on Kaspersky Sandbox side

Configuring trusted connection on Kaspersky Endpoint Agent side
Page top