Download ServerProtect for Windows 5.8 Critical Patch Build 1548.

This critical patch adds feature allowing SPNT to update from HTTPS AU. The default configure value for HTTPS AU are as follows:

Below are the details:

• HttpsAuthCheckLevel : REG_DWORD
  • 0: No CA checked, use HTTPS to do the encryption transfer.
  • 1: Low level Check, check if the CA of HTTPS server should be trusted in the HTTPS local client.
  • 2: High level Check, check if the CA of HTTPS server should be trusted in the HTTPS local client and the CommonName in the server certificate must match the domain name in the update URL.
  • Other Values: Set this key value as 2 to mean that enable the high level check.
• SignatureCheck : REG_DWORD
  • 0: Disable the signature check.
  • Non-zero: Enable the signature check.
• UseTLS1.2Only: REG_DWORD
  • 0: Disable TLS v1.2 only, allows the use of protocol versions other than TLS v1.2 to do the HTTPS connection
  • Non-zero: Enable TLS v1.2 only, limits the use to TLS v1.2 only to do the HTTPS connection

To customize the configure keys for HTTPS AU, follow these steps:

1. Check the AU Download Source on the Update screen.

   

2. Create the new subkey named with your download source under the Path:
   • 32-bit Server:

     HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerProtect\CurrentVersion\Profile\ActiveUpdate

   • 64-bit Server:

     HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\ServerProtect\CurrentVersion\Profile\ActiveUpdate

   

3. Customize the key value according to your requirement, then restart the IS service "Trend ServerProtect Agent".