ESET Online Help

Search
Select the category
Select the topic

Import the server certificate from file

Fill in the path to the ESET Inspect Server Certificate (.PFX file) that was created in ESET PROTECT Server or use the Change button to navigate to the file location manually. Fill in the certificate password if applicable. Fill in the path to Certification Authority or use the Change button to manually navigate to the file location. Click Next.

EEI_GUI_Install_8

Continue with one of the available options for implementing the essential certificate for HTTPS/SSL connection between the ESET Inspect Web Console and web browser:

1.Get the ESET Inspect Web Console certificate from ESET PROTECT On-Prem

2.Import the certificate from a file

3.Use the same certificate as for Connector/Server communication.

important

By default, certificates created by the ESET PROTECT On-Prem use * (an asterisk) as a hostname (wildcard certificate). ESET Inspect On-Prem does not support such certificates. The user has to use the real hostname of the ESET Inspect Server.

The certificates have to be provided in PKCS #12 format.

PKCS #12 is a file format, used for storing many cryptography objects as a single file - like certificates or certification authorities. Usually, files that use PKCS #12 have extension ".pfx" or ".p12".

Certificates cannot have only "*" (one asterisk, nothing more) in place for a host in the following places:

CN (common name)

alternative names (from extension {{Subject Alternative Name from }}RFC5280)

CN in additional certificates (PKCS #12 can hold additional certificates)

alternative names in additional certificates, for example:

"*" is not allowed.

"*.yourcompany.com" is allowed

"yourcompany.*.hq.com" is allowed.

Another file format frequently used in cryptography is X509. Files using those formats usually have extension ".der" or ".pem".

In ESET Inspect On-Prem, certificates are kept in ".pfx" files, and certification authorities are kept in ".der" files.

Mandatory parameters for creating a Peer Certificate are:

Product: "ESET Inspect Server"

Host: Use a real IP Address of the ESET Inspect Server

If you want to connect ESET Inspect Connector from another network, add another IP or hostname by separating it with a space, comma, or semicolon. For example, HOST 192.168.20.22;10.1.183.88

important

Do not use the semicolon symbol ";" in the filename or the folder name in the path of the certificate. It is used to separate multiple certificates if applicable.