Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Administration of Kaspersky Industrial CyberSecurity for Networks

Monitoring the state of Kaspersky Industrial CyberSecurity for Networks

Updating SSL connection certificates

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Solution overview Forum Contact support Overview videos How-to Guide

Updating SSL connection certificates

December 5, 2024

ID 132294

Get as PDF

Kaspersky Industrial CyberSecurity for Networks can use the following certificates:

  • Certificates for connections between nodes of Kaspersky Industrial CyberSecurity for Networks.
  • Certificates for connecting to Kaspersky Industrial CyberSecurity for Networks through the web interface.
  • Certificates for connecting through the Kaspersky Industrial CyberSecurity for Networks API.
  • Certificates for connecting connectors.
  • Certificates for connections with Kaspersky Endpoint Agent.

It is recommended to update certificates in the following cases:

  • Current certificates have been compromised.
  • Certificates have expired.
  • Certificates need to be regularly updated in accordance with the information security requirements at the enterprise.

Updating certificates for connections between nodes of Kaspersky Industrial CyberSecurity for Networks

During installation of Kaspersky Industrial CyberSecurity for Networks, certificates for connections between nodes of Kaspersky Industrial CyberSecurity for Networks are automatically updated. You can manually update these certificates without reinstalling application components.

To update certificates for connections between nodes of Kaspersky Industrial CyberSecurity for Networks:

  1. On the Server computer, go to the /opt/kaspersky/kics4net/sbin/ folder and enter the command to launch the script for local certificate update:

    sudo bash kics4net-update-certs.sh

  2. After the script finishes, return all sensors to the initial state using the kics4net-reset-to-defaults.sh script that reverts the node to the initial state. The script is located on the computer with the installed application component in the /opt/kaspersky/kics4net/sbin/ folder.
  3. Add and connect sensors again.

Updating the certificate for connecting to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface

To update the certificate for connecting to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface, you need to replace the certificate used by the web server. You can specify a new web server certificate under Settings → Connection Servers on the Web server tab.

Updating the certificate for connecting to the Server through the Kaspersky Industrial CyberSecurity for Networks API

To update the certificate for connecting to the Server through the Kaspersky Industrial CyberSecurity for Networks API, you need to replace the certificate used by the REST API server. You can specify a new REST API server certificate under Settings → Connection Servers on the REST API server tab.

Updating certificates for connecting connectors

You can update the certificates used for connecting connectors when creating new communication data packages for connectors.

Updating certificates for connections with Kaspersky Endpoint Agent

You can update the certificates used for connections with Kaspersky Endpoint Agent when changing the settings of integration servers.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.