Summary
This article lists the required certificates when using Apex Central in an air-gapped environment or non-patched server.
In air-gapped environment, servers were considered to have no internet connectivity (e.g. not able to obtain Windows Update).
This can also be automatically solved by installing the latest Windows Update.
Without the required certificates in place, Apex Central may not be able to deploy policies to managed products (e.g. Apex One)
The following error could happen if required certificate does not exist:
2020-10-15 09:49:42,980 265 [1] WARN - [AuthCodeChecker] False: IsPassed(D:\Program Files (x86)\Trend Micro\Control Manager\WebUI\WebApp\Bin\OSCE_iAC.dll) [0] 2020-10-15 09:49:42,996 281 [1] WARN - [AuthCodeChecker] False: IsPassed(D:\Program Files (x86)\Trend Micro\Control Manager\WebUI\WebApp\Bin\OSCE_iES_SchedulerHandler.dll) [0] 2020-10-15 09:49:43,012 296 [1] WARN - [AuthCodeChecker] False: IsPassed(D:\Program Files (x86)\Trend Micro\Control Manager\WebUI\WebApp\Bin\WebAPIEDREntry.NET.dll) [0]
Details
Download required certificates and import it to Trusted Root Certificate store:
- Open the certificate and click Install Certificate...
- Once the Certificate Import Wizard appears, click Next.
For Windows 2012, select Local Machine and click Next. - Select Place all certificates in the following store and click Browse.
- Check Show physical stores > Trusted Root Certification Authorities > Local Computer and click OK.
For Windows Server 2016 or later version, choose Trusted Root Certification Authorities. - Click Finish. A pop-up window will notify you that the import was successful.
