The TLS encryption protocol ensures secure data transfer between a client and a server using SSL connection certificates. An SSL connection certificate (hereinafter referred to as an "SSL certificate" or simply "certificate") is a block of data containing information about the certificate owner, the owner's public key, and the start and end dates of certificate validity.
In Kaspersky Thin Client, certificates are used for the following purposes:
If the user is connecting to a remote environment or to a log server in the Kaspersky Thin Client interface for the first time, and the thin client is in one of the following states:
then the user can independently accept or reject the certificate in the Kaspersky Thin Client interface. All accepted certificates will be saved in the thin client certificate store. In this case, a user could also connect to nodes and use certificates that are not controlled by the administrator.
We recommend configuring the Kaspersky Thin Client connection to a log server and to a remote environment only using certificates that were assigned by the administrator in the Web Console. In this case, all certificates that were previously accepted by a user will be removed from the thin client certificate store. These measures will help prevent Kaspersky Thin Client from connecting to untrusted nodes.
We advise to update the assigned certificates in the following cases:
Kaspersky Thin Client does not check to see if the certificate is on the Certificate Revocation List.
Page top