The Kerio Control web interface allows remote administration of the firewall via a web browser (Kerio Control Administration) and viewing of Internet usage statistics. It also allows viewing of information regarding attempts to access forbidden web pages (see chapter 2.11 Web Rules Definition) and users can use it to set several parameters of their accounts. The Clientless SSL-VPN interface is used for secured remote connections to shared files in local networks by a web browser.
For proper functionality of web services, an SSL certificate is required that proves the server's identity. To create certificates for web interfaces, go to Configuration → Advanced Options, to the Web Interfaces or the SSL-VPN. In advanced settings of individual interfaces, select and Create certificate.
The server name for which the certificate will be issued should be identical with the server name including domain — in our example, name server.company.com
is used. For access to Kerio Control interfaces from the Internet, a record for this name must exist also in public DNS.
It is recommended to replace the created SSL certificates by an SSL certificate issued by a public certification authority (one certificate can be used both for the web interface and the Clientless SSL-VPN interface — there is no need to pay for two certificates).