Integration of the application with the public key infrastructure (PKI) is required to simplify the issuance of domain certificates to users. Following integration, certificates are issued automatically.
The minimum supported PKI server version is Windows Server 2008.
You have to configure the account for integration with PKI. The account must meet the following requirements:
To create a permanent user profile, log on at least once under the configured user account on the device with Administration Server installed. In this user's certificate repository on the Administration Server device, install the Enrollment Agent certificate provided by domain administrators.
To configure integration with the public keys infrastructure:
The Integration with PKI section of the Certificate issuance rules window opens.
A dedicated service is run in Kaspersky Security Center under the specified user account. This service is responsible for issuing users' domain certificates. The service is run when the list of certificate templates is loaded by clicking the Refresh list button or when a certificate is generated.
Following integration, certificates are issued automatically.