Support

Support for business applications

Kaspersky Thin Client

Using certificates in Kaspersky Thin Client

Kaspersky Thin Client
Нет результатов
Knowledge Base Online Help
FAQ Forum Contact support Recovery tools

Using certificates in Kaspersky Thin Client

May 30, 2024

ID 273797

Get as PDF

The TLS encryption protocol ensures secure data transfer between a client and a server using SSL connection certificates. An SSL connection certificate (hereinafter referred to as an "SSL certificate" or simply "certificate") is a block of data containing information about the certificate owner, the owner's public key, and the start and end dates of certificate validity.

In Kaspersky Thin Client, certificates are used for the following purposes:

  • Connecting a thin client to Kaspersky Security Center.
  • Connecting to a remote environment:
    • Authentication of the Remote Desktop Connection Broker server when connecting to a remote desktop or virtual application.
    • Authentication of the broker when connecting to a remote desktop managed by Basis.WorkPlace.
    • Authentication of the server address when connecting to a remote environment in Web Access.
  • Connecting to a log server.

If a thin client is not connected to Kaspersky Security Center and the administrator has not assigned certificates for it in the Web Console, a user can independently accept or reject a certificate in Kaspersky Thin Client when connecting to a remote environment or to a log server. All accepted certificates will be saved in the thin client certificate store. In this case, a user could also connect to nodes and use certificates that are not controlled by the administrator.

You are advised to configure the Kaspersky Thin Client connection to a log server and to a remote environment only using certificates that were assigned by the administrator in the Web Console. In this case, all certificates that were previously accepted by a user will be removed from the thin client certificate store. These measures will help prevent Kaspersky Thin Client from connecting to untrusted nodes.

You are advised to update the assigned certificates in the following cases:

  • Current certificates have been compromised.
  • Certificates have expired.
  • Certificates need to be regularly updated in accordance with the information security requirements of your enterprise.

Kaspersky Thin Client does not check to see if the certificate is on the Certificate Revocation List.

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.