Updating a certificate when migrating to a new Kaspersky Security Center Server

To migrate thin clients to a new Kaspersky Security Center Administration Server, issue a certificate, save it on the current Kaspersky Security Center Server as a reserve one, and then use it on the new Server as the primary certificate.

To issue and prepare a new certificate:

Start the console and go to the folder in which you want to create the certificate.
Run the OpenSSL utility and issue the certificate using the following command:
openssl req -x509 -sha256 -nodes -days 397 -newkey rsa:2048 -keyout <key file name>.key -out <certificate file name>.crt

The generated certificate and key files are saved locally.
Package the certificate and the key into a container using the following command:
openssl pkcs12 -export -out -<container name>.pfx -inkey <key file name>.key -in <certificate file name>.crt
Enter and repeat the password for the container. This password is required when uploading the certificate to the servers.

As a result, the container file in PFX format is saved locally.

To upload a certificate to the current Kaspersky Security Center Server as a reserve one:

Go to the folder where Kaspersky Security Center is installed and launch the console.
Run the klsetsrvcert utility and enter the following command:
klsetsrvcert -t MR -i <path to the container> -p <container password> -o NoCA

You do not need to download the klsetsrvcert utility. The utility is included in the Kaspersky Security Center distribution kit.

After the command execution, Kaspersky Security Center restarts.

The reserve certificate is uploaded to the Web Console.

To upload the certificate to a new Kaspersky Security Center Server as the main one:

In the console, start the klsetsrvcert utility and run the following command:

klsetsrvcert -t M -i <path to the container> -p <container password> -o NoCA

After execution of the instructions above, the certificate for connecting to the new Kaspersky Security Center Administration Server is updated.

Page top