When users cannot access the OfficeScan management console from TMCM/Apex Central, the following error message appears:
- The managed product does not use HTTPS for communication. Connection to the managed product will not use a secure channel. That means data will be transmitted as plain text.
- Click Yes to proceed.
- Do you want to proceed?
- Do not show this message again.
When the OK button is clicked, subsequent error message is displayed:
Cannot log on to OfficeScan server due to one of the following reasons:
Public key is missing.
Please check that the public key of the Control Manager server exists on the OfficeScan server.
Please copy the public key to the OfficeScan server if the public key is missing.
Management Communication Protocol (MCP) Agent is not running on OfficeScan server.
Please start the MCP Agent on the OfficeScan server.
User privilege is not properly configured on the OfficeScan server
Please configure the required privilege for this user on the OfficeScan server.
Click here to open this OfficeScan server console in a new window.
To isolate this issue, the following troubleshooting steps were performed:
- Verified that OfficeScan is registered and that the CMAgent service is running.
- Verified the account privilege.
However, these steps did not resolve the issue.
To resolve this issue:
- Create a super user account in OfficeScan by following the steps in this article: Single-Sign On (SSO) is not working in OfficeScan 10 Make sure that the passwords are the same.
- Copy the SSO_PKI_PublicKey.pem file from the TMCM/Apex Central server folder to the OfficeScan server folder:
- TMCM/Apex Central server folder: ..\Trend Micro\Control Manager\WebUI\download
- OfficeScan server folder: ..\Trend Micro\OfficeScan\PCCSRV\CmAgent\key
Log in as super user account on the TMCM/Apex Central server using the SSO.
If the solution above did not resolve the issue, do the following:
- Create a backup of the following file:
C:\Program Files\Trend Micro\Control Manager\WebUI\download\SSO_PKI_PublicKey.pem
- Open a command prompt and change the current working directory to ..\Control Manager\Certificate\.
- Run the command below:
openssl rsa -in SSO_PKI_PrivateKey.pem -pubout -out "C:\Program Files\Trend Micro\Control Manager\WebUI\download\SSO_PKI_PublicKey.pem"
- Unregister and reregister the OfficeScan server from/to the TMCM/Apex Central server.