ESET Online Help

Search
Select the category
Select the topic

Import the server certificate from file

Fill in the path to the ESET Inspect Server Certificate (.PFX file) that was created in ESET PROTECT Server or use the Change button to navigate to the file location manually. Fill in the certificate password if applicable. Fill in the path to Certification Authority or use the Change button to manually navigate to the file location.. Click Next.

EEI_GUI_Install_8

Continue with one of the available options for implementing the essential certificate for HTTPS/SSL connection between the ESET Inspect Web Console and web browser:

1.Get the ESET Inspect Web Console certificate from ESET PROTECT

2.Import the certificate from a file

3.Use the same certificate as for Connector/Server communication. After choosing this option, click the Install button to start the installation process.

4.If there is a problem with the installation, follow the instructions in the dialog box that appears. Click Finish to complete the installation.

5.Open https://localhost in a web browser to log into ESET Inspect. If you want to access ESET Inspect from a different device, write the IP Address or hostname of the ESET Inspect Server in a browser.

6.Type in the username and password of the ESET PROTECT user with the correct ESET PROTECT Permission Settings. An Administrator and User account with the following ESET PROTECT Account Settings is needed. See the Admin Access Rights topic for ESET PROTECT account creation instructions.

important

By default, certificates created by the ESET PROTECT use * (an asterisk) as a hostname (wildcard certificate). ESET Inspect does not support such certificates. The user has to use the real hostname of the ESET Inspect Server.

The certificates have to be provided in PKCS #12 format.

PKCS #12 is a file format, used for storing many cryptography objects as a single file - like certificates or certification authorities. Usually, files that use PKCS #12 have extension ".pfx" or ".p12".

Certificates cannot have only "*" (one asterisk, nothing more) in place for a host in the following places:

CN (common name)

alternative names (from extension {{Subject Alternative Name from }}RFC5280)

CN in additional certificates (PKCS #12 can hold additional certificates)

alternative names in additional certificates, for example:

"*" is not allowed.

"*.yourcompany.com" is allowed

"yourcompany.*.hq.com" is allowed.

Another file format frequently used in cryptography is X509. Files using those formats usually have extension ".der" or ".pem".

In ESET Inspect, certificates are kept in ".pfx" files, and certification authorities are kept in ".der" files.

Mandatory parameters for creating a Peer Certificate are:

Product: "ESET Inspect Server"

Host: Use a real IP Address of the ESET Inspect Server

If you want to connect ESET Inspect Connector from another network, add another IP or hostname by separating it with a space, comma, or semicolon. For example, HOST 192.168.20.22;10.1.183.88

important

Do not use the semicolon symbol ";" in the filename or the folder name in the path of the certificate. It is used to separate multiple certificates if applicable.