The procedures in this section show you how to add the self-signed certificates generated during Kaspersky Scan Engine installation to the trusted storage. This will remove the security warnings generated by browsers.
The information in this section is applicable to the situation when the user gains access to Kaspersky Scan Engine GUI from the same computer on which Kaspersky Scan Engine GUI runs. If the Settings > ServerSettings > ConnectionString element of the Kaspersky Scan Engine configuration file refers to an external interface, the Kaspersky Scan Engine GUI website will not be considered trusted, because the self-signed certificate can be used only with https://127.0.0.1 and https://localhost addresses.
To avoid potential security risks, it is recommended to use a trusted certificate signed by a certificate authority (CA). For more information, see section "Generating SSL certificates for Kaspersky Scan Engine GUI".
Causing a self-signed certificate to be trusted by a browser (Kaspersky Scan Engine GUI opens in Mozilla Firefox)
You add Kaspersky Scan Engine GUI to the list of Mozilla Firefox trusted sites so that the browser will not display warnings about the certificate.
Causing a self-signed certificate to be trusted by a browser (Kaspersky Scan Engine GUI opens in a browser for Linux)
Procedures for using a browser to import a certificate as trusted (on Linux systems) vary depending on the browser and Linux distribution used. But the procedures share common steps: to open the browser settings form and use the form to import the certificate to a store.
To manually cause a self-signed certificate to be trusted by a browser on a Linux system:
/usr/local/share/ca-certificates/ directory if it does not exist on your computer:mkdir /usr/local/share/ca-certificates/
cp <full_path_to_the_certificate> /usr/local/share/ca-certificates/
sudo update-ca-certificates
If you do not have the ca-certificates package, install it with your package manager.
Removing a certificate from the list of trusted ones
After you have reconfigured or uninstalled Kaspersky Scan Engine, old certificates are no longer used by Kaspersky Scan Engine GUI. You can remove them from the list of trusted certificates.
On a Linux system, the removal procedure is performed in a way that is similar to the addition of a certificate: open the list of the trusted certificates and remove those that you do not need.
Page top