By default, Identity and Access Manager uses the certificates generated by the Administration Server to grant browsers access to Kaspersky Security Center Web Console. However, If you want, you can use custom certificates. Whatever certificate you use, you must make sure that all workstations from which Kaspersky Security Center Web Console users access Kaspersky Security Center Web Console trust this certificate.
To download and distribute certificates:
In the main menu, go to Console settings → Integration.
For each certificate, click the Settings link under the relevant group of settings, and then do one of the following:
If you want to use the certificate that the Administration Server generated during the installation of Kaspersky Security Center Web Console:
Select Certificate generated by Administration Server in the certificate properties window that opens.
Click the Download button to download the certificate.
Distribute the downloaded certificate to all workstations from which Kaspersky Security Center Web Console users access Kaspersky Security Center Web Console.
If you have a certificate that you want to use:
Select Custom TLS certificate in the certificate properties window that opens.
Select the certificate file and the private key.
Click the OK button.
Distribute the certificate to all workstations from which users access Kaspersky Security Center Web Console or Kaspersky Industrial CyberSecurity Console.
The certificates grant users access to Kaspersky Security Center Web Console and Kaspersky Industrial CyberSecurity Console.
You have to re-issue all the certificates timely. The certificates generated by the Administration Server must be re-generated manually. The certificates generated by the Kaspersky Security Center Web Console installer must be re-generated by using the installer.