Generating a TLS certificate of the Endpoint Agent component in the web interface of Kaspersky Anti Targeted Attack Platform and downloading a crypto container

To generate a TLS certificate for the connection of Kaspersky Anti Targeted Attack Platform with the application that is being used in the Endpoint Agent component role:

Sign in to the Kaspersky Anti Targeted Attack Platform web interface with the administrator credentials.
In the Kaspersky Anti Targeted Attack Platform web interface window, select the Settings section, Certificates subsection.
In the Endpoint Agent certificates section, click Generate and export.

The new TLS certificate is displayed in the TLS certificate table. The crypto container file with the Kaspersky Endpoint Agent certificate in the PFX format is downloaded to the browser downloads folder on your local computer.

You can use the crypto container to configure the validation of Kaspersky Endpoint Agent TLS certificate by the Central Node server when attempting to connect to Kaspersky Anti Targeted Attack Platform.

By default, the crypto container is not password-protected. You can protect the crypto container with a password. For details on managing TLS certificates, see the OpenSSL documentation.

The crypto container contains only the certificate file, but not the private key file. Kaspersky Anti Targeted Attack Platform does not store private keys for the TLS encryption of the connection.