The table below shows the requirements for custom certificates specified for different components of Kaspersky Security Center.
Requirements for Kaspersky Security Center certificates
Certificate type |
Requirements |
Comments |
---|---|---|
Common certificate, Common reserve certificate ("C", "CR") |
Minimum key length: 2048. Basic constraints:
Extended Key Usage (optional): server authentication, client authentication. |
Extended Key Usage parameter is optional. Path Length Constraint value may be an integer different from "None," but not less than 1. |
Web Server certificate |
Extended Key Usage: server authentication. The PKCS #12 / PEM container from which the certificate is specified includes the entire chain of public keys. The Subject Alternative Name (SAN) of the certificate is present; that is, the value of the The certificate meets the effective requirements of web browsers imposed on server certificates, as well as the current baseline requirements of the CA/Browser Forum. |
Not applicable. |
Kaspersky Security Center 13 Web Console certificate |
The PEM container from which the certificate is specified includes the entire chain of public keys. The Subject Alternative Name (SAN) of the certificate is present; that is, the value of the The certificate meets the effective requirements of web browsers to server certificates, as well as the current baseline requirements of the CA/Browser Forum. |
Encrypted certificates are not supported by Kaspersky Security Center 13 Web Console. |