Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Apple devices running iOS 13 and Mac OS 10.15 cannot use InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 with HTTPS Decryption

    • Updated:
    • 31 May 2021
    • Product/Version:
    • Interscan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A
Summary

In InterScan Web Security Virtual Appliance (IWSVA), the default maximum RSA key length (rsa_length) for HTTPS decryption is 2048 bits which may cause network and performance issues on protected computers.

Details
Public

This Hot Fix 1926 sets the default maximum RSA key length to 1024 bits and adds a hidden key to enable IWSVA to support changes to the "rsa_length" value.

 
Changes "rsa_length" to 2048 bits might require more CPU cores when many HTTPS sites are decrypted at the same time because the key length becomes longer. Trend Micro recommends tripling the number of CPU cores under this scenario.
 

Performing the manual steps is required.

To configure the "rsa_length" value:

  1. Install Hotfix 1926, which you need to request from Technical Support.
  2. Log on to IWSVA either directly or with Secure Shell (SSH) as administrator.
  3. Run the following commands:

    enable
    configure module https public-key length 2048 exit

     

    To restore the default settings, run:

    enable
    configure module https public-key length 1024 exit

     

For more detailed information, check the Readme file that will be provided when you request for the Hot Fix 1926 from Trend Micro Technical Support.

Premium
Internal
Partner
Rating:
Category:
Configure; Install
Solution Id:
000160042
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.