Root privileges are required to manage certificates.
You can manage certificates used to connect to Kaspersky Industrial CyberSecurity for Networks integration server using commands. What you can do with certificates:
To add or replace the server certificate, run the following command:
kics-control [-K] --add-kics4networks-server-certificate <file name and path>
where <file name and path>is the name and path to the file that contains the certificate in DER or PEM format.
The server certificate is used to secure the connection to the integration server if the UseServerCertificate parameter is set to yes in the settings of the Integration with Kaspersky Industrial CyberSecurity for Networks task.
To add or change a client certificate:
kics-control [-K] --add-kics4networks-client-certificate <file name and path>
where <file name and path>is the name and path to the PFX archive containing the client certificate.
The client certificate is used for additional protection of the connection to the integration server, if client certificate verification is enabled in the integration server settings and the UseClientCertificate parameter is set to yes in the settings of the Integration with Kaspersky Industrial CyberSecurity for Networks task.
To display certificate information, run the following command:
kics-control [-K] --query-kics4networks-server-certificate
kics-control [-K] --query-kics4networks-client-certificate
Running the command displays the following certificate information:
To delete the server certificate information, run the following command:
kics-control [-K] --remove-kics4networks-server-certificate
To delete the client certificate information, run the following command:
kics-control [-K] --remove-kics4networks-client-certificate
If certificate usage is configured in the settings of the Integration with Kaspersky Industrial CyberSecurity for Networks task and the task is running, deletion of this certificate ends with an error.
Page top