The issue occurs because of the Authentication Agent that you deployed that also works as an HTTPS website. You host this website and the URL (hostname/IP) is not the default one, therefore, the default certificate is not valid for the Authentication Agent.
The default certificate is signed by the IWSaaS service CA, but in this case, the default URL "authagent.iws.trendmicro.com" will not match the address of your authentication agent site.
You need to apply for a valid certificate, which is signed by a trusted CA, with the right site address and import the certificate into the Authentication Agent by the authentication tool.
To resolve the issue, create certificate files and import them to the authentication agent tool:
- Open a command prompt.
-
Run the following command to change the directory to C:\Program Files (x86)\Trend Micro\InterScan Web Security as a Service\AuthenticationAgent\Apache-20\bin
cd "C:\Program Files (x86)\Trend Micro\InterScan Web Security as a Service\AuthenticationAgent\Apache-20\bin"
-
Execute the following command to create the certificate files:
openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout "%tmp%\auth.key" -out "%tmp%\auth.crt" -config ..\conf\openssl.cnf
-days 3650: expires after 3650 days (10 years). You can change this number. -
Input the parameters of the certificate (take note of the value of "Common Name"):
*Common Name: auth.example.com {FQDN or IP of Authentication Agent, e.g. 192.168.1.1}
- Go to %tmp% folder and get auth.key & authcrt.
- Import them to the Authentication Agent tool
After the certificate is imported into the Agent, you can now import the certificate into the browser's trust certificate (Trusted CA) list.