Import the server certificate from file

Fill in the path to the EEI Server Certificate (.PFX file), that was created in ESET PROTECT Server or use the Change button to manually navigate to the file location, fill in the certificate password if applicable. Fill in the path to Certification Authority or use the Change button to navigate to the file location manually. Click Next.
EEI_GUI_Install_8

Continue with one of the available options on implementing the essential certificate for HTTPS/SSL connection between the EEI Web console and web browser:

1.Get the EEI Web console certificate from ESET PROTECT

2.Import the certificate from a file

3.Use the same certificate as for Agent/Server communication. After choosing this option, click the Install button to start the installation process.

4.If there is a problem with the installation, follow the instructions in the dialog box that appears. Click Finish to complete the installation.

5.Open https://localhost in a web browser to log into EEI. If you want to access EEI from a different device, write the IP Address or hostname of the EEI Server in a browser.

6.Type in the username and password of the ESET PROTECT user that has the correct ESET PROTECT Permission Settings. An Administrator and User account with the following ESET PROTECT Account Settings are needed. For ESET PROTECT account creation instructions, see the Admin Access Rights topic.

important

Important

By default certificates created by the ESET PROTECT use * (an asterisk) as a hostname (wildcard certificate). EEI does not support such certificates. The user has to use the real hostname of the EEI Server.

The certificates have to be provided in PKCS #12 format.

PKCS #12 is a file format, used for storing many cryptography objects as a single file - like certificates or certification authorities. Usually files which use PKCS #12 have extension ".pfx" or ".p12".

certificates cannot have only "*" (one asterisk, nothing more) in place for a host, in the following places:

CN (common name)

alternative names (from extension {{Subject Alternative Name from }}RFC5280)

CN in additional certificates (PKCS #12 can hold additional certificates)

alternative names in additional certificates for example:

   "*" is not allowed.

   "*.yourcompany.com" is allowed

   "yourcompany.*.hq.com" is allowed.

Another file format, frequently used in cryptography, is X509. Files using those format usually have extension ".der" or ".pem".

In ESET Enterprise Inspector certificates are kept in ".pfx" files, and certification authorities are kept in ".der" files.

Mandatory parameters for creating Peer Certificate are:

Product: "Enterprise Inspector Server"

Host: Use a real IP Address of the EEI Server

In case you want to connect EEI agent from another network, add another IP or hostname by separating it with space, comma, or semicolon. For example: HOST 192.168.20.22;10.1.183.88

important

Important

Do not use the semicolon symbol ; in the file name or the folder name in the path of the certificate. It is used to separate multiple certificates if applicable.