[KB6170] Create a new certificate for new workstations to automatically join a Dynamic Group in ESET Remote Administrator (6.x)


ESET business product no longer supported

This content applies to an ESET product version that is currently in End of Life status and is no longer supported. This content is no longer updated. 

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

  • Create and deploy a new certificate for new workstations to automatically join a Dynamic Group based on Certificate serial number

To create a new certificate or certificate authority, or to create a new certificate set to other specific parameters for a certain group of client computers, see the following Knowledgebase article: 


Certificates are used to authenticate products distributed under your license to identify computers on your network, which ensures a secure communication between your ERA Server and clients, and also to establish secured connection of ERA Web Console. 

Your Certificate Authority (CA) is used to legitimize certificates distributed from your network. In an enterprise setting, a public key can be used to automatically associate client software with the ERA Server to allow for remote installation of ESET products.


Examples of Dynamic Group templates and their use

For aditional examples of using Dynamic Group templates, see Dynamic Group template - examples in ERA Online Help and Related articles below.

To create a new certificate in ESET Remote Administrator for new workstations to automatically join a Dynamic Group, follow the instructions below:

  1. Open ESET Remote Administrator Web Console (ERA Web Console) in your web browser and log in.

  2. Click Admin Certificates → New → Certificate.
  3. Expand the Basic section and complete the following attributes:
    1. Description: Type in a descriptive name to identify which computer or which Dynamic Groups this certificate will be for.
    2. Product: Select Agent from the drop-down menu (Agent is selected by default).

Figure 1-1

  1. Expand the Sign section and click

Figure 1-2

  1. Select the certification authority that you want to use and then click OK

Figure 1-3

  1. Click Finish. The new certificate with the description you chose in step 3 will be included in the list of Peer Certificates. Click the new certificate and select Edit from the context menu.

Figure 1-4

  1. In the Edit Certificate window, copy the Serial Number value (for example, by selecting the text and pressing Ctrl + C on your keyboard). 

Figure 1-5

  1. Click Computers , click the gear icon  and select New Dynamic Group from the context menu. 

Figure 1-6

  1. Expand the Basic section and in the Name field, type a descriptive name for the Dynamic Group.

Figure 1-7

  1. Expand the Template section and click New.

Figure 1-8

  1. In the Basic section, type a descriptive name in the Name field for the template.

Figure 1-9

  1. Expand Expression and click Add Rule

Figure 1-10

  1. Expand Peer certificate, click Serial number to select it and then click OK.  

Figure 1-11

  1. In the empty field, paste (Ctrl + V) or type in the serial number you copied in step 7. Click Finish

Figure 1-12

  1. Expand the Summary section to view details about the certificate. Click Finish when you are done making changes. Your new certificate will be displayed in the list of peer certificates (Admin → Certificates Peer Certificates).

The new Dynamic Group is now ready to filter new workstations based on the certificate serial number. When you create an Agent installer, select the new certificate and it will be added to the new Dynamic Group.