Views:

This is a normal behavior of OfficeScan. By default, OfficeScan and its integrated Smart Protection Server (SPS) use the same port for HTTPS. For IIS Default web site users, the port is 443. For IIS Virtual web site users, the port is 4343.

When the integrated SPS service is restarted, it checks the value of "HTTPS" and "HTTPS_CERT" in PCCSRV\WSS\Service.ini to import the certificate. For example, HTTPS=4343 and HTTPS_CERT=Server2012.

To ensure that the certificate will not be reverted:

  • Add a friendly name to your certificate in Windows Certificate Store

    Module state

     
    When naming the friendly name, make sure the friendly name is not the same as the original name of the certificate.
     
  • Patch to OfficeScan XG B5417 or later or Apex One
  1. Stop the following services:
    • OfficeScan Master Service
    • OfficeScan Active Directory Integration Service
    • Trend Micro Smart Protection Server
  2. Open the <Server installation folder>\PCCSRV\WSS\Service.ini file.
  3. Replace the value of "HTTPS_CERT" with the correct name. For the following example, the value is modified to "OfficeScan Server NTSG".

  4. Add the following new setting and set it to the certificate friendly name.

    HTTPS_CERT_FRIENDLY_NAME=(certificate friendly name)

    Module state

  5. Save the changes in the file.
  6. Open <Server installation folder>\PCCSRV\SRS\apricot_config.
  7. Replace the value of "cert_cn". For the example below, the value is modified to "OfficeScan Server NTSG".

  8. Locate the <cert_cn></cert_cn> options tag. Under it add the following tag and specify the friendly name inside.

    <cert_friendly_name></cert_friendly_name>

    Module state

  9. Save the changes in the file.

    Module state

  10. Restart the aforementioned services in Step 1.
Keywords: SSL,SSL certificate,Reboot OfficeScan server,SSL certificate for web console,certificate