How to install a custom certificate for the Integration Server in Kaspersky Security for Virtualization 5.1 Light Agent
Latest update: June 20, 2019 ID: 14677
When you install the Integration Server, the application generates a local self-signed certificate which is used by the server when establishing SSL connections. You can replace it using the instructions below.
When changing the Integration Server certificate, a new SVM certificate will be generated.
- PFX format.
- Contains secret key.
- The Common Name (CN) value in the Subject field corresponds to the full domain name of the Integration Server (FQDN).
- The Subject alternative name field contains the IP Address and DNS Name values:
- External and local IP addresses of the Administration Server are specified in the IP Address
- External and local IP addresses as well as the domain name of the Administration Server are specified in the DNS Name
- Key Usage:
- Enhanced Key Usage:
- Server Authentication (188.8.131.52.184.108.40.206.1)
- Client Authentication (220.127.116.11.18.104.22.168.2)
- Make sure you have administrator’s rights on the Integration Server.
- Open the PowerShell command line with administrator’s rights.
- Run the Replace-Viis Certificate command and follow the instructions.
- Update policies of Light Agents and SVMs so that they receive the new certificate key.
The certificate has been installed.