Creating a KSC server certificate

Support

Support for business applications

Kaspersky IoT Secure Gateway 1000

Configuring Kaspersky IoT Secure Gateway 1000

Managing the security of Kaspersky IoT Secure Gateway 1000

Creating a KSC server certificate

June 7, 2023

ID 212880

Save as PDF

Expand all | Collapse all

A Kaspersky Security Center server certificate is required for securely connecting to Kaspersky IoT Secure Gateway 1000 through the Kaspersky Security Center 13.2 Web Console.

For detailed information about the requirements applied to Kaspersky Security Center server certificates, please refer to the section titled Requirements for user certificates in Kaspersky Security Center in the Kaspersky Security Center 13.2 Online Help Guide.

You can issue a new Kaspersky Security Center server certificate in the Kaspersky Security Center 13.2 Web Console.

To issue a new KSC server certificate through the Kaspersky Security Center 13.2 Web Console:

In the main window of the Kaspersky Security Center 13.2 Web Console, click the icon next to the name of the relevant Kaspersky Security Center Administration Server.
The Administration Server properties window opens.
Select the Certificates section.
In the Administration Server authentication by UEFI protection devices settings block, select Certificate issued through Administration Server.
Click the Reissue button.
In the opened window, configure the connection address:
- Use old connection address
  The address of the Administration Server to which Kaspersky IoT Secure Gateway 1000 connects will remain the same.
  
  This option is selected by default.
- Change connection address to
  If you need Kaspersky IoT Secure Gateway 1000 to connect to a different address, specify the relevant address in this field.
Click OK to save the changes.

The new KSC server certificate will be issued.

To upload a Kaspersky Security Center certificate file in the Kaspersky IoT Secure Gateway 1000 web interface, the Kaspersky Security Center certificate file that was created through the web interface of the Kaspersky Security Center 13.2 Web Console must be saved on the local computer.

To save a Kaspersky Security Center certificate file that was created in the Kaspersky Security Center 13.2 Web Console:

In the web interface menu of the Kaspersky Security Center 13.2 Web Console, click the icon next to the name of the relevant Kaspersky Security Center Administration Server.
The Administration Server properties window opens.
Select the Certificates section.
In the Administration Server authentication by UEFI protection devices settings group, select Certificate issued through Administration Server.
Click the Manage certificate button.
In the opened pane on the right, in the Connection address block, click the IP address of Kaspersky IoT Secure Gateway 1000 for which the certificate was issued.

The certificate file will begin to automatically download.

In Kaspersky IoT Secure Gateway 1000, you can download a Kaspersky Security Center certificate file only in CRT, CER, DER or PEM format. If necessary, you can use the OpenSSL tool to change the format of a Kaspersky Security Center certificate file. For example, to change the format of a certificate file from P12 to CRT, run the following command in the console:

openssl pkcs12 -in <certificate name>.p12 -clcerts -nokeys -out <certificate name>.crt

A created Kaspersky Security Center server certificate file needs to be added to Kaspersky IoT Secure Gateway 1000 to configure a connection with Kaspersky Security Center.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.