Configuring a trusted connection on the Kaspersky Sandbox server

To configure a trusted connection of Kaspersky Sandbox with Kaspersky Endpoint Agent, you must generate or upload a TLS certificate in Kaspersky Sandbox, save it on a computer, and then upload it to the Kaspersky Endpoint Agent application.

In the Kaspersky Sandbox web interface window, select the TLS certificates section.
Under TLS certificate for connection to the EPP application, click Generate.
The action confirmation window opens.
Click Yes.

Kaspersky Sandbox generates a new TLS certificate. The browser page is automatically reloaded.

You can prepare the TLS certificate and upload it via the Kaspersky Sandbox web interface.

The uploaded TLS certificate file must satisfy the following requirements:

The file must contain the certificate and a private encryption key for the connection.
The file must be in PEM format.
The private key length must be 2048 bits or longer.

For more details about preparing TLS certificates for import, see the Open SSL documentation.

To upload the TLS certificate via the Kaspersky Sandbox web interface:

In the Kaspersky Sandbox web interface window, select the TLS certificates section.
Under TLS certificate for connection to the EPP application, click Upload.
The file selection window opens.
Select the TLS certificate file that you want to upload and click Open.
The file selection window closes.

The TLS certificate is added to Kaspersky Sandbox.

To save the TLS certificate file for the connection with Kaspersky Endpoint Security on a computer:

In the Kaspersky Sandbox web interface window, select the TLS certificates section.
Under TLS certificate for connection to the EPP application, click Download.
When downloading, the browser may display a notification saying that the file is potentially dangerous. This is a standard warning for .crt files. The TLS certificate file is not dangerous for the computer.

The TLS certificate file is saved in the downloads folder of the browser.