Support

Support for business applications

Kaspersky Secure Mail Gateway

Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway

Managing TLS certificates

Adding a CSR-based certificate

Generating a certificate in the certification authority

Kaspersky Secure Mail Gateway
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Generating a certificate in the certification authority

26 April 2024

ID 207964

The instructions are provided for Microsoft Enterprise Certification Authority deployed on Windows Server 2016.

We recommend using the Internet Explorer browser. Other browsers may display some Microsoft Enterprise Certification Authority pages incorrectly.

To generate a CSR-based certificate:

  1. Open a previously created request file in any text editor and copy the contents of the file to the clipboard.
  2. Open the page of your certification authority in your browser: https://<server address>/certsrv.
  3. Select Request a certificate.

    This opens the Request a Certificate page.

  4. Select advanced certificate request.

    This opens the Advanced Certificate Request page.

  5. Select Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

    This opens the Submit a Certificate Request or Renewal Request page.

  6. In the Base-64-encoded certificate request (CMC or PKCS #10 or PKCS #7) field, paste the contents of the request file that you copied at step 1.
  7. In the Certificate Template drop-down list, select one of the following options:
    • Template with the Server Authentication extension if you want to use the certificate as a server certificate.
    • Template with the Client Authentication extension if you want to use the certificate as a client certificate.
    • Template with the Server Authentication and Client Authentication extensions if you want to use the certificate as a server certificate and a client certificate.
  8. Click Submit.

    This opens the Certificate Issued page.

  9. Do the following:
    1. Select the encoding of the certificate file.

      The application supports the DER and Base64 encodings for certificates.

    2. Select the format of the certificate:
      • If you want to download the final certificate file with the .cer extension that does not contain intermediate certificates, select Download certificate.
      • If you want to download the full chain of certificates as a PKCS#7 container with the .p7b extension, select Download certificate chain.

      We recommend downloading the full chain of certificates to avoid problems with validating intermediate certification authorities.

The certificate is generated and saved on your computer in the browser's downloads folder.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.