Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Self-signed certificate does not show in InterScan Web Security Virtual Appliance (IWSVA)

    • Updated:
    • 22 Jul 2014
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • InterScan Web Security Virtual Appliance 6.0
    • Platform:
    • Linux Common Version
Summary
The HTTPS decryption is enabled and you apply a self-signed certificate of IWSVA on your browser. However, the default certificate, which is IWSS.TREND, still shows.
IWSS.TREND certificate shows
Click image to enlarge.
Details
Public
IWSVA still gets the old certificates because “Spoofed” certificates generated by iwssd are stored in the var/iwss/https/certstore/certificates memory cache. 
Before iwssd generates a new “Spoofed” certificate to spoof the identity of the destination server to the client, it checks the “Spoofed” certificate cache. If it exists, the certificate in the cache is used to establish SSL connection to client.
To resolve the issue, clear the cached certificates:
  1. Log in as root on CLI.
  2. Stop HTTP scanning daemon using the command:
    /var/iwss/S99ISproxy stop
  3. Navigate to the /var/iwss/https/certstore/certificates folder.
  4. Remove all the PEM files using the command:
    rm -f *.pem
  5. Start HTTP scanning daemon using the command:
    /var/iwss/S99ISproxy start
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1104301
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.