Create a new Certificate

As part of the installation process, ESET Remote Administrator requires that you create a Peer certificate for Agents. These certificates are used to authenticate products distributed under your license.

icon_details_hoverNOTE

There is one exception, an Agent certificate for server assisted installation cannot be created manually. This certificate is generated during server installation, provided that Generate certificates is selected.

To create a new certificate in the ERA Web Console, navigate to Admin > Certificates and click Actions > New.

icon_sectionBasic

Description - Enter description for the certificate.

Product - Select the type of certificate you want to create from the drop-down menu.

Host - Leave the default value (an asterisk) in the Host field to allow for distribution of this certificate with no association to a specific DNS name or IP address.

validation-status-icon-warning IMPORTANT

When creating the MDM certificate, fill in the IP address or Hostname of the MDM Host device. The default value (an asterisk) is not valid for this type of certificate.

Passphrase - We recommend that you leave this field blank, but you can set a passphrase for the certificate that will be required when clients attempt to activate.

Attributes (subject)

These fields are not mandatory, but you can use them to include more detailed information about this certificate.

Common name - This value should contain the string "Agent", "Proxy" or "Server", according to the selected Product.

If you want, you can enter descriptive information about the certificate.

Enter the Valid from and Value to values to ensure that the certificate is valid.

icon_details_hoverNOTE

For all Certificates and Certification Authorities created during installation of ERA components, the Valid from value is set to 2 days before certificate creation.

For all Certificates and Certification Authorities created in the ERA Web Console, the Valid from value is set to 1 day before certificate creation. The reason for this is to cover all possible time discrepancies between affected systems.

For example, a Certification Authority and Certificate, created 2017 Jan 12 during installation will have a pre-defined Valid from value of 2017 Jan 10 00:00:00, and a Certificate Authority and Certificate created 2017 Jan 12 in ERA Web Console will have a pre-defined Valid from value of 2017 Jan 11 00:00:00.

icon_section Sign

Select from two signing methods:

Certification authority - If you would like to sign using the ERA Certification Authority (created CA during ERA installation).

oSelect the ERA Certification Authority from the list of certification authorities

oCreate a new certification authority

Custom pfx file - To use a custom .pfx file, click Browse, navigate to your custom .pfx file and click OK. Select Upload to upload this certificate to the Server.

icon_details_hoverNOTE

If you would like to sign a new certificate using the ERA CA (created during ERA installation) in ERA Virtual Appliance, it is necessary to enter a Certification Authority Passphrase. This is the password you specified during ERA VA configuration

icon_section Summary

Review the certificate information you entered and click Finish. The certificate is now successfully created and will be available in the Certificates list to use when installing the Agent. The certificate will be created in your home group.

icon_details_hoverNOTE

As an alternative to creating a new certificate, you can Import a Public Key , Export a Public Key or Export a Peer Certificate.