Problem with backup certificate

Wednesday at 05:09 PM

I performed a backup of the Kaspersky Security Center (KSC) server from AD-TF-01 to AD-TF-02. The process completed successfully, including the certificate backup (as far as I can tell), but the network agents on the endpoints are not recognizing the new server's certificate. As a result, all devices are now appearing as unmanaged. What could be causing this issue, and how can I resolve it?

Wednesday at 06:20 PM

Name of server.

Edited Wednesday at 06:20 PM by Renan Corassa

Wednesday at 06:34 PM

12 minutes ago, Renan Corassa disse:

Name of server.

SERV-AD-TF-02 ( 10.10.240.251 ) is the one i'm using now

Wednesday at 06:52 PM

@Gabriel Boettcher hello

If possible, restore your server to its previous state and follow the article: https://support.kaspersky.com/13920

If this is not possible, please follow the next recommendation from the article:

Use the klmover utility to restore connection from uncontrolled devices to Administration Server, for example, after an Administration Server failure, if it is not possible to restore from a backup.

Wednesday at 07:13 PM

20 minutes ago, Demiad disse:

@Gabriel Boettcher hello

If possible, restore your server to its previous state and follow the article: https://support.kaspersky.com/13920

If this is not possible, please follow the next recommendation from the article:

Use the klmover utility to restore connection from uncontrolled devices to Administration Server, for example, after an Administration Server failure, if it is not possible to restore from a backup.

But klmover utility has to be used on each computer? we have over 150 computers that lost connection to the server

Wednesday at 07:14 PM

@Gabriel Boettcher
1. Uninstall KSC completely.
2. Change the server name to the old one.
3. Reinstall KSC.
4. Restore the backup using KLBACKUP.

Everything will almost certainly return to normal.
The certificate has the old server name.

To avoid having to use KLMOVER and/or DNS records for pointing.

2 minutes ago, Gabriel Boettcher disse:

Mas o utilitário klmover tem que ser usado em cada computador? Temos mais de 150 computadores que perderam a conexão com o servidor

The computers will be discovered again and you can apply an installation task after importing the .bat file with the server data by calling klmover and pointing to the Unassigned Devices group.

Wednesday at 07:18 PM

@Gabriel Boettcher

The connection address of Network Agents should be the same as before. Check which connection address Network Agents are using: https://support.kaspersky.com/ksc/15.1/3912

value "Administration Server address"

Then you will avoid the need to run the klmover utility.

2025-07-17T17:16:56Z

22 horas atrás, Renan Corassa disse:

@Gabriel Boettcher
1. Uninstall KSC completely.
2. Change the server name to the old one.
3. Reinstall KSC.
4. Restore the backup using KLBACKUP.

Everything will almost certainly return to normal.
The certificate has the old server name.

To avoid having to use KLMOVER and/or DNS records for pointing.

The computers will be discovered again and you can apply an installation task after importing the .bat file with the server data by calling klmover and pointing to the Unassigned Devices group.

i tried to backup in the same server TF-01 . but it says "certificate incorrect" after i try log on on mmc. I don't understand where does this certificate go after the backup is completed.

2025-07-17T19:51:26Z

2 horas atrás, Gabriel Boettcher disse:

Tentei fazer backup no mesmo servidor TF-01, mas aparece a mensagem "certificado incorreto" depois que tento fazer login no MMC. Não entendi para onde vai esse certificado depois que o backup é concluído.

Gabriel,
Restart the kladminserver service and try accessing it again.

2025-07-17T19:58:43Z

5 minutes ago, Renan Corassa disse:

Gabriel,
Restart the kladminserver service and try accessing it again.

On mmc this worked but in web console it didn't. Still in MMC the devices can't recognize the certificate

2025-07-17T20:39:39Z

@Gabriel Boettcher
To repair access to the KSC Web Console,
Before beginning the entire process of restoring access to the Web Console, close all open browsers or those that are accessing the Web Console link.

Open Control Panel (from the Run menu, use the appwiz.cpl command) → Programs and Features.
Select the Kaspersky Security Center Web Console product and click Uninstall/Change.
Choose your preferred language > OK.
Select Reissue Certificate and click Next.
Wait until the process is complete and then try accessing the Web Console again.

42 minutes ago, Gabriel Boettcher disse:

No MMC isso funcionou, mas no console web não. Ainda no MMC, os dispositivos não conseguem reconhecer o certificado.

Did you do the above procedure?

2025-07-17T20:43:31Z

2 minutes ago, Renan Corassa disse:

@Gabriel Boettcher
To repair access to the KSC Web Console,
Before beginning the entire process of restoring access to the Web Console, close all open browsers or those that are accessing the Web Console link.

Open Control Panel (from the Run menu, use the appwiz.cpl command) → Programs and Features.
Select the Kaspersky Security Center Web Console product and click Uninstall/Change.
Choose your preferred language > OK.
Select Reissue Certificate and click Next.
Wait until the process is complete and then try accessing the Web Console again.

Did you do the above procedure?

Yes, the web console is working now, but the devices still aren’t connecting to the server

Problem with backup certificate

Recommended Posts

Gabriel Boettcher

Renan Corassa

Gabriel Boettcher

Demiad

Gabriel Boettcher

Renan Corassa

Demiad

Gabriel Boettcher

Renan Corassa

Gabriel Boettcher

Renan Corassa

Gabriel Boettcher

Please sign in to comment

Forum

Products

Support

Personal Account