Enabling certificate-based authentication of devices

To enable certificate-based authentication of a device:

1. Open the command line on a device where the Administration Server is installed.
2. Go to the directory containing the klscflag utility.

   By default, the utility is located in /opt/kaspersky/ksc64/sbin.

3. Run the following command under an account with root privileges to configure certificate-based authentication of devices on the Administration Server:

   ./klscflag -fset -pv ".core/.independent" -s KLLIM -n LP_MobileMustUseTwoWayAuthOnPort13292 -t d -v 1

4. Restart the Administration Server service.

After you start the Administration Server service, certificate-based authentication of the device using a shared certificate will be required.

The first connection of the device to the Administration Server does not require a certificate.

By default, certificate-based authentication of devices is disabled.