Enabling certificate-based authentication of KES devices

Support

Support for business applications

Kaspersky Security Center 14

Kaspersky Security Center 14.2

Other routine work

Mobile Device Management

Managing KES devices

Enabling certificate-based authentication of KES devices

April 17, 2024

ID 112804

Get as PDF

To enable certificate-based authentication of a KES device:

Open the system registry of the client device that has Administration Server installed (for example, locally, using the regedit command in the Start → Run menu).
Go to the following hive:
- For 32-bit systems:
  HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\Components\34\.core\.independent\KLLIM
- For 64-bit systems:
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\Components\34\.core\.independent\KLLIM
Create a key with the LP_MobileMustUseTwoWayAuthOnPort13292 name.
Specify REG_DWORD as the key type.
Set the key value on 1.
Restart the Administration Server service.

Mandatory certificate-based authentication of the KES device using a shared certificate will be enabled after you run the Administration Server service.

The first connection of the KES device to the Administration Server does not require a certificate.

By default, certificate-based authentication of KES devices is disabled.

Kaspersky Security Center: Optimization of daily routine tasks

A powerful administration console, with an additional flexible web-based interface that’s available wherever you are. Buy as part of Endpoint Security for Business Advanced.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.