When you start the setup wizard from a browser, Symantec Endpoint Detection and Response generates a self-signed SSL certificate for the EDR appliance console. You can use this certificate to encrypt all EDR appliance console sessions. For better security, however, Symantec recommends that you install a certificate that is created specifically for your Symantec EDR appliance. Make sure a trusted Certificate Authority signs the certificate.
The following procedure describes how to import a trusted Certificate Authority certificate. Each physical appliance or virtual appliance must have its own unique certificate.
Certificates may be in CRT or CER format, with DER or PEM encoding. Only certificates with RSA keys are supported. Keys should not be passphrase protected; they are encrypted within Symantec EDR.
Validation is done after the bundle is uploaded. To complete the validation, the following are required:
Self-signed server certificate
Server certificate that a root CA signed: a bundle of (server cert + root CA)
Server certificate that an intermediate CA signed (there can be multiple intermediate CAs): a bundle of (server cert + intermediate CAs + root CA)
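A pre-upload check for the requirements above, as an added example that is not part of the Symantec documentation. The helper name check_edr_cert is hypothetical; it uses the OpenSSL command line and assumes PEM-encoded files with the server certificate first in the bundle.

```shell
#!/bin/sh
# Added example (hypothetical helper, not Symantec code).
# usage: check_edr_cert BUNDLE.pem KEY.pem
# Assumes PEM input with the server certificate first in the bundle.
check_edr_cert() {
    bundle=$1
    key=$2

    # The console expects an unencrypted private key: reject PEM keys that
    # carry either the PKCS#8 or the traditional encryption marker.
    if grep -Eq '^(-----BEGIN ENCRYPTED|Proc-Type: 4,ENCRYPTED)' "$key"; then
        echo "FAIL: private key is passphrase protected" >&2
        return 1
    fi

    # Only RSA keys are supported; 'openssl rsa' refuses EC and DSA keys.
    if ! openssl rsa -in "$key" -noout -passin pass: >/dev/null 2>&1; then
        echo "FAIL: private key is not a readable RSA key" >&2
        return 2
    fi

    # The server certificate must carry the public half of the supplied key.
    cert_pub=$(openssl x509 -in "$bundle" -noout -pubkey 2>/dev/null) || cert_pub=
    key_pub=$(openssl pkey -in "$key" -pubout -passin pass: 2>/dev/null) || key_pub=
    if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: first certificate in bundle does not match the key" >&2
        return 3
    fi

    # OpenSSL must be able to build a complete chain for the server
    # certificate from the CA certificates in the bundle (a self-signed
    # certificate verifies against itself). The default trust store, if
    # one is configured, is also consulted.
    if ! openssl verify -CAfile "$bundle" "$bundle" >/dev/null 2>&1; then
        echo "FAIL: bundle does not chain to a trusted root CA" >&2
        return 4
    fi

    echo "OK"
}
```

Each failure has its own return code (1 encrypted key, 2 non-RSA key, 3 certificate and key mismatch, 4 incomplete chain), so the check can gate an automated rollout across several appliances.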
To secure access to the EDR appliance console
Copy the certificate and key to a location that you can browse to from the EDR appliance console.
Do one of the following:
In the EDR cloud console, click Settings. Under Environment, select an appliance and then click Global.
In the EDR appliance console, go to Settings > Global.
Scroll down to SSL Certificate.
Click Edit Certificate.
Beside the Certificate field, click Browse. Navigate to and select your certificate.
Beside the Unencrypted Private Key field, click Browse. Navigate to and select your key.
Repeat steps 4 through 7 on each browser that is used to access the EDR appliance console.