After KUMA Core is installed, a unique self-signed CA certificate with the matching key is generated. This CA certificate is used to sign all other certificates for internal communication between KUMA components and REST API requests. The CA certificate is stored on the KUMA Core server in the /opt/kaspersky/kuma/core/certificates/ folder.
You can use your company's certificate and key instead of self-signed KUMA CA certificate and key.
Before changing KUMA certificate, make sure to make a backup copy of the previous certificate and key with the names backup_external.cert and backup_external.key.
To change KUMA certificate:
Keys must be in PEM format.
sudo systemctl restart kuma-core
command.You company's certificate and key are now used for internal communication between KUMA components and REST API requests.
Page top