You want to configure the central log reporting or settings replication with two (2) IWSVA servers, one as log source and one as log server. However, if the log server's web UI uses SSL mode, you should import the opposite IWSVA certification file to each other and then register them using an HTTPS connection.
When trying to connect to the configuration replication source from the configuration receiver, you get the following error:
You are not connected to the replication source. Make sure the source's web console is accessable.
The issue occurs because one IWSVA server does not trust the certificate of the other when using the HTTPS interface. To resolve the issue, build a trust relationship between the two:
- On the primary IWSVA (configuration replication source) shell execute:
/usr/iwss/AdminUI/jre/bin/keytool -export -alias tomcat -file iwsvaweb.crt -keystore /etc/iscan/AdminUI/tomcat/keystore
- On both the configuration replication source AND receiver shell, execute:
/usr/iwss/AdminUI/jre/bin/keytool -importcert -noprompt -keystore /usr/iwss/AdminUI/jre/lib/security/cacerts -storepass changeit -alias tomcat -file iwsvaweb.crt/etc/iscan/S99IScanHttpd restart
- Try to connect to both IWSVA servers again through the AdminUI.
If the issue persists, contact Trend Micro Technical Support.
