Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Third-party signed SSL certificate of OfficeScan is removed after rebooting the server

    • Updated:
    • 25 Sep 2017
    • Product/Version:
    • OfficeScan 11.0
    • OfficeScan XG.All
    • Platform:
    • Windows 2008 Datacenter
    • Windows 2008 Datacenter 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Server R2 Enterprise
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 2012 Datacenter R2
    • Windows 2012 Standard
    • Windows 2012 Standard R2
Summary

When you replace the SSL certificate of OfficeScan website via IIS Manager and then you reboot the server or restart the OfficeScan services, the SSL certificate reverts back to the original.

Details
Public

This is a normal behavior of OfficeScan. By default, OfficeScan and its integrated Smart Protection Server (SPS) use the same port for HTTPS. For IIS Default web site users, the port is 443. For IIS Virtual web site users, the port is 4343.

When the integrated SPS service is restarted, it checks the value of "HTTPS" and "HTTPS_CERT" in PCCSRV\WSS\Service.ini to import the certificate. For example, HTTPS=4343 and HTTPS_CERT=Server2012.

To ensure that the certificate will not be reverted:

 
For OfficeScan XG, please update to OfficeScan XG Patch 1 Critical Patch 1708 at least.
  1. Stop the following services:
    • OfficeScan Master Service
    • OfficeScan Active Directory Integration Service
    • Trend Micro Smart Protection Server
  2. Open the <Server installation folder>\PCCSRV\WSS\Service.ini file.
  3. Replace the value of "HTTPS_CERT" with the correct name. For the example below, the value is modified to "OfficeScan Server NTSG".
  4. Save the changes in the file.
  5. Open <Server installation folder>\PCCSRV\SRS\apricot_config.
  6. Replace the value of "cert_cn". For the example below, the value is modified to "OfficeScan Server NTSG".
  7. Save the changes in the file.

    HTTPS_CERT

  8. Restart the aforementioned services in Step 1.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1105079
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.