When you replace the SSL certificate of OfficeScan website via IIS Manager and then you reboot the server or restart the OfficeScan services, the SSL certificate reverts back to the original.
This is a normal behavior of OfficeScan. By default, OfficeScan and its integrated Smart Protection Server (SPS) use the same port for HTTPS. For IIS Default web site users, the port is 443. For IIS Virtual web site users, the port is 4343.
When the integrated SPS service is restarted, it checks the value of "HTTPS" and "HTTPS_CERT" in PCCSRV\WSS\Service.ini to import the certificate. For example, HTTPS=4343 and HTTPS_CERT=Server2012.
To ensure that the certificate will not be reverted:
- Open the PCCSRV\WSS\Service.ini file.
- Replace the value of "HTTPS_CERT" with the correct name. For the example below, you have to modify the value to "OfficeScan Server NTSG".
If your OfficeScan server name is trendofficescan.local, replace the value of HTTPS_CERT to "trendofficescan.local". If you are using a wildcard SSL certificate *.local, replace the value of HTTPS_CERT to "*.local".
- Save the changes in the file.
- Restart the Trend Micro Smart Scan Server service or reboot the server.