Kaspersky Thin Client does not check to see if the certificate is on the Certificate Revocation List.
About certificates for connecting to Kaspersky Security Center
If the Kaspersky Security Center administrator replaces the certificate for connecting to Kaspersky Security Center, some cases may require confirmation of the certificate replacement. For example, this may be required if the thin client was turned off for a long time, has not synchronized with Kaspersky Security Center, and the certificate previously used to connect to Kaspersky Security Center has expired.
To confirm replacement of the mobile certificate for connecting to Kaspersky Security Center:
As a result, the new certificate for connecting to Kaspersky Security Center will be saved in the Kaspersky Thin Client certificate store and will be subsequently used to connect to Kaspersky Security Center.
About certificates used to connect to a remote environment and to a log server
If a thin client is not connected to Kaspersky Security Center and the administrator has not assigned certificates for it in the Web Console, a user could also connect to nodes and use certificates that are not controlled by the administrator. You are advised to configure the connection of a group of thin clients to a log server and to a remote environment only using certificates that were assigned by the administrator in the Web Console. These measures will help prevent Kaspersky Thin Client from connecting to untrusted nodes.
You can use or reject a certificate in the Kaspersky Thin Client interface in the following cases:
Accepted certificates are saved in the system store of Kaspersky Thin Client.
If a thin client is included in an administration group and this group has been assigned certificates in the Web Console, you will not be able to manage the certificates in the Kaspersky Thin Client interface.
Page top