The TLS encryption protocol ensures secure data transfer between a client and a server using SSL connection certificates. An SSL connection certificate (hereinafter referred to as an "SSL certificate" or simply "certificate") is a block of data containing information about the certificate owner, the owner's public key, and the start and end dates of certificate validity.
In Kaspersky Thin Client, certificates are used for the following purposes:
If a thin client is not connected to Kaspersky Security Center and the administrator has not assigned certificates for it in the Web Console, a user can independently accept or reject a certificate in Kaspersky Thin Client when connecting to a remote environment or to a log server. All accepted certificates will be saved in the thin client certificate store. In this case, a user could also connect to nodes and use certificates that are not controlled by the administrator.
You are advised to configure the Kaspersky Thin Client connection to a log server and to a remote environment only using certificates that were assigned by the administrator in the Web Console. In this case, all certificates that were previously accepted by a user will be removed from the thin client certificate store. These measures will help prevent Kaspersky Thin Client from connecting to untrusted nodes.
You are advised to update the assigned certificates in the following cases:
Kaspersky Thin Client does not check to see if the certificate is on the Certificate Revocation List.
Page top