Kaspersky Security Center 14

Enabling certificate-based authentication of KES devices

February 26, 2024

ID 112804

To enable certificate-based authentication of a KES device:

  1. Open the system registry of the client device that has Administration Server installed (for example, locally, using the regedit command in the StartRun menu).
  2. Go to the following hive:
    • For 32-bit systems:

      HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\Components\34\.core\.independent\KLLIM

    • For 64-bit systems:

      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\Components\34\.core\.independent\KLLIM

  3. Create a key with the LP_MobileMustUseTwoWayAuthOnPort13292 name.
  4. Specify REG_DWORD as the key type.
  5. Set the key value on 1.
  6. Restart the Administration Server service.

Mandatory certificate-based authentication of the KES device using a shared certificate will be enabled after you run the Administration Server service.

The first connection of the KES device to the Administration Server does not require a certificate.

By default, certificate-based authentication of KES devices is disabled.

See also:

Scenario: Mobile Device Management deployment

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.