When selecting the UDP protocol, the use of certificates to provide connection protection is not supported.
Managing certificates requires the rights of a user with the Administrator (admin) role.
You can manage certificates used to connect to the KUMA server using commands. What you can do with certificates:
To add or replace the server certificate, run the following command:
kesl-control [-M] --add-kuma-server-certificate <file path>
where <file path> is the path to the PFX file containing the server certificate.
To add or change a client certificate:
kesl-control [-M] --add-kuma-client-certificate <file path>
where <file path> is the path to the cryptocontainer (PFX archive) containing the client certificate and private key.
The client certificate is used for additional protection of the connection to the KUMA server if client certificate verification is enabled in the KUMA server settings and in the Integration with Kaspersky Unified Monitoring and Analysis Platform task settings, the UseClientCertificate setting is set to yes.
To display certificate information, run the following command:
kesl-control [-M] --query-kuma-server-certificate
kesl-control [-M] --query-kuma-client-certificate
Running the command displays the following certificate information:
To delete the server certificate information, run the following command:
kesl-control [-M] --remove-kuma-server-certificate
To delete the client certificate information, run the following command:
kesl-control [-M] --remove-kuma-client-certificate