[KB8051] Migrate to a new certificate chain in ESET PROTECT On-Prem

Issue

• You enabled advanced security and need to migrate to a new certificate chain
• Your current certificates have expired and you need to migrate to a new certificate chain
• You do not remember your current Certification Authority (CA) passphrase and need to migrate to a new certificate chain

Solution

1. Create a new Certification Authority and certificates
2. Change certificate for ESET Management Agent
3. Change certificate for ESET Bridge
4. Change certificate for ESET PROTECT Server

I. Create a new Certification Authority and certificates

Create a new Certification Authority and Peer Certificate in ESET PROTECT On-Prem.

II. Change certificate for ESET Management Agent

1. Open the ESET PROTECT Web Console.

2. Create a policy in ESET PROTECT or ESET PROTECT On-Prem.

3. In the Settings section, select ESET Management Agent from the drop-down menu, and click Change certificate.

   

4. Click Open certificate list.

   

5. Select the check box next to the new agent certificate and click OK.

   

6. Click OK.

   

III. Change certificate for ESET Bridge

1. Open the ESET PROTECT Web Console.

2. Create a policy in ESET PROTECT or ESET PROTECT On-Prem.

3. In the Settings section, select ESET Bridge from the drop-down menu, enable the toggle next to HTTPS certificate, and click Change certificate.

   

4. Click Open certificate list.

   

5. Select the check box next to the new ESET Bridge certificate and click OK.

   

6. Click OK.

   

IV. Change certificate for ESET PROTECT Server

1. Open the ESET PROTECT Web Console.

2. Click More → Settings → Change certificate.

   

3. Click Open certificate list.

   

4. Select the check box next to the new server certificate and click OK.

   

5. Click OK.

   

6. Click Save.

   

7. Restart the ESET PROTECT Server service.