This section contains information about how to work with certificates of mobile devices.
The root certificate for mobile devices has a fixed expiration term of 700 days after its generation. The reserve certificate is generated 60 days prior to the expiration date. You can modify the time period for generating a reserve certificate with the following command:
klscflag.exe -fset -pv klserver -n KLSRV_AKLWNGT_MDM_CERT_CHANGE_TIMEOUT -t d -v <
timeout in seconds
>
The time period for generating a reserve certificate needs to be long enough for all managed mobile devices to synchronize with the Administration Server and retrieve the certificate.
The klscflag utility is located in the folder where Administration Server is installed. The default installation path is <Disk>:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center.
Manual renewal of the root certificate for mobile devices is not supported.