Managing certificates requires the rights of a user with the Administrator (admin) role.
You can manage certificates used to connect to the Central Node servers responsible for interaction with KATA Sandbox (Sandbox servers) using commands. You can do the following with certificates:
To add or replace the server certificate, run the following command:
kesl-control [-X] --add-sandbox-server-certificate <file path>
where <file path> is the path to the file containing the server certificate.
To add or change a client certificate:
kesl-control [-X] --add-sandbox-client-certificate <file path>
where <file path> is the path to the cryptocontainer (PFX archive) containing the client certificate and private key.
The client certificate is used for additional protection of the connection to the Sandbox server if client certificate verification is enabled in the Sandbox server settings and if in the settings of the KATA Sandbox Integration task, UseClientCertificate is set to yes.
To display certificate information, run the following command:
kesl-control [-X] --query-sandbox-server-certificate
kesl-control [-X] --query-sandbox-client-certificate
Running the command displays the following certificate information:
To delete the server certificate information, run the following command:
kesl-control [-X] --remove-sandbox-server-certificate
To delete the client certificate information, run the following command:
kesl-control [-X] --remove-sandbox-client-certificate