Import the server certificate from file

Fill in the path to the ESET Inspect Server Certificate (.PFX file) that was created in ESET PROTECT Server or use the Change button to manually navigate to the file location, fill in the certificate password if applicable. Fill in the path to Certification Authority or use the Change button to navigate to the file location manually. Click Next.

EEI_GUI_Install_8

Continue with one of the available options for implementing the essential certificate for HTTPS/SSL connection between the ESET Inspect Web Console and web browser:

1.Get the ESET Inspect Web Console certificate from ESET PROTECT

2.Import the certificate from a file

3.Use the same certificate as for Connector/Server communication. After choosing this option, click the Install button to start the installation process.

4.If there is a problem with the installation, follow the instructions in the dialog box that appears. Click Finish to complete the installation.

5.Open https://localhost in a web browser to log into ESET Inspect. If you want to access ESET Inspect from a different device, write the IP Address or hostname of the ESET Inspect Server in a browser.

6.Type in the username and password of the ESET PROTECT user that has the correct ESET PROTECT Permission Settings. An Administrator and User account with the following ESET PROTECT Account Settings are needed. For ESET PROTECT account creation instructions, see the Admin Access Rights topic.


important

By default, certificates created by the ESET PROTECT use * (an asterisk) as a hostname (wildcard certificate). ESET Inspect does not support such certificates. The user has to use the real hostname of the ESET Inspect Server.

The certificates have to be provided in PKCS #12 format.

PKCS #12 is a file format, used for storing many cryptography objects as a single file - like certificates or certification authorities. Usually files which use PKCS #12 have extension ".pfx" or ".p12".

certificates cannot have only "*" (one asterisk, nothing more) in place for a host, in the following places:

CN (common name)

alternative names (from extension {{Subject Alternative Name from }}RFC5280)

CN in additional certificates (PKCS #12 can hold additional certificates)

alternative names in additional certificates for example:

   "*" is not allowed.

   "*.yourcompany.com" is allowed

   "yourcompany.*.hq.com" is allowed.

Another file format, frequently used in cryptography, is X509. Files using those format usually have extension ".der" or ".pem".

In ESET Inspect certificates are kept in ".pfx" files, and certification authorities are kept in ".der" files.

Mandatory parameters for creating Peer Certificate are:

Product: "ESET Inspect Server"

Host: Use a real IP Address of the ESET Inspect Server

In case you want to connect ESET Inspect Connector from another network, add another IP or hostname by separating it with space, comma, or semicolon. For example: HOST 192.168.20.22;10.1.183.88


important

Do not use the semicolon symbol ; in the file name or the folder name in the path of the certificate. It is used to separate multiple certificates if applicable.