Using An Existing SSL Certificate - R7 through R9.3

Please note that this article only applies to version R7, R8, R9, R9.1, R9.2 and R9.3

Note: If you've upgraded to 9.4, please refer to this article: Using An Existing SSL Certificate - R9.4 And Up.

If you already have a SSL Certificate installed in MS-IIS and you wish to export and use in the Kaseya Application Firewall please review the directions below:

1. Start the Microsoft Management Console (MMC) by going to Start->mmc.exe



2. From MMC, choose File->Add/Remove Snap-in



3. From Add or Remove Snap-ins, select "Certificates" then click "Add" 



4. Select "Computer Account"




5. Select "Local Computer"




6. You now see "Certificates (Local Computer) in the selected snap-ins, click "OK"




7. Select Your Certificate


In the left-hand pane, open Certificates->Personal->Certificates and it will show you all the SSL Certificates you have installed.  Select the one you wish to export, right click, select "All Tasks" and click "Export"




8. Start the Certificate Export Wizard, then click "next"




9. You must select "Yes, export the private key", then click "next"




10. You must select "PKCS#12 and check "Include all certificates in the certification path if possible" and "Export all extended properties", then click "next"





11. Provide a name for your export (and browse to the location you want to save it to) then click "next"





12. Give the file a password




13. Complete the export




14. You have exported the PKCS#12 file with your certificate(s) included.  Please make sure during the export steps above you have selected the following:

a) Export the private key

b) Checked "Include all certificates in the certification path if possible"

c) Checked "Export all extended properties", then click "next"

*You may receive errors or certificate warnings if you did not include the above items during the export.


15. Now You Need to Import Your Certificate File into the Kaseya Application Firewall.

This can be done either during installation when you are prompted

Below is a screenshot of the prompt during installation:



After installation by going to Start->Programs->Kaseya->SSL Configuration Tool and using the SSL Configuration Tool the screen will look like this.



NOTE: If you receive the error "Failed to update certificate details in registry" error on step 15​:


This is caused by the 'SSL Configuration Tool' not having permission to write to the registry.

The solution for fixing this error is as follows:

  • Right click on Command Prompt and choose Run as Admin
  • Change directory to C:\Kaseya\Services\KaseyaApplicationFirewall\
  • Type: java -jar kaftool.jar --importui

This will launch the SSL Tool running as admin and should let it write to the registry. You can now continue to complete Step 15


16. Using Either Process, copy your certificate file to a safe location on the machine (where it won't be deleted), then use either of the above pictured interfaces to browse to select that file, enter the password/passphrase you set when you exported it and click update/next.


17. Go to Services and Restart the "Kaseya.ApplicationFirewall" service (if you are running Version 7) or "Kaseya Edge Services" service (if you are running R8 and later) and the system will now use the SSL Certificate you imported.

Was this article helpful?
24 out of 24 found this helpful
Have more questions? Submit a request


Article is closed for comments.