Reissuing the certificate for Kaspersky Security Center Web Console

Most browsers impose a limit on the validity term of a certificate. To fall within this limit, the validity term of the Kaspersky Security Center Web Console certificate is limited to 397 days. You can replace an existing certificate received from a certification authority (CA) by issuing a new self-signed certificate manually. Alternatively, you can reissue your expired Kaspersky Security Center Web Console certificate.

If you already use a self-signed certificate, you can also reissue it by upgrading Kaspersky Security Center Web Console through the standard procedure in the installer (Upgrade option).

When you open the Web Console, the browser may inform you that the connection to the Web Console is not private and the Web Console certificate is invalid. This warning appears because the Web Console certificate is self-signed and automatically generated by Kaspersky Security Center. To remove or prevent this warning, you can do one of the following:

• Specify a custom certificate when you reissue it (recommended option). Create a certificate that is trusted in your infrastructure and that meets the requirements for custom certificates.
• Add the Web Console certificate to the list of trusted browser certificates after you reissue the certificate. We recommend that you use this option only if you cannot create a custom certificate.

To issue a new certificate when you install Kaspersky Security Center Web Console for the first time:

1. Run the routine installation of Kaspersky Security Center Web Console.
2. When you reach the Client certificate step of the setup wizard, select the Generate new certificate option, and then click the Next button.
3. Progress through the remaining steps of the setup wizard until you finish the installation.

   A new certificate for Kaspersky Security Center Web Console is issued with a validity term of 397 days.

To reissue the expired Kaspersky Security Center Web Console certificate:

1. Under an account with administrator rights, run the ksc-web-console-<version number>.<build number>.exe installation file.
2. In the setup wizard window that opens, select a language, and then click OK.
3. In the welcome window, select the Reissue certificate option, and then click Next.
4. On the next step, wait until the reconfiguration of Kaspersky Security Center Web Console is complete, and then click Finish.

   The Kaspersky Security Center Web Console certificate is reissued for another validity term of 397 days.

If you use Identity and Access Manager, you must also reissue all the TLS certificates for the ports that Identity and Access Manager uses. Kaspersky Security Center Web Console displays a notification when a certificate expires. You must follow the notification instructions.