After updating SSL certificate settings on the management web console (Administration > System Settings > SSL Certificate), the Management Web console cannot be used anymore.
To solve the SSL certificate issue:
- Go to the SSFE server system.
- Verify the disk and make sure the available space is not 0 using the command:
safesync@appliance1:/$ df -h
- Check if the EU and Admin console key match:
safesync@appliance1:/opt/SingleInstaller/MgmtUI/SSL$ openssl rsa -noout -modulus -in mgmt.key | openssl md5
safesync@appliance1:/opt/SingleInstaller/MgmtUI/SSL$ openssl rsa -noout -modulus -in mgmt.crt | openssl md5
safesync@appliance1:/opt/TrendMicro/OSDP/SSL$ openssl rsa -noout -modulus -in safesync.lport.key | openssl md5
safesync@appliance1:/opt/TrendMicro/OSDP/SSL$ openssl x509 -noout -modulus -in safesync.lport.crt | openssl md5The four results should be the same.
-
If there is a key mismatch in /MgmtUI/SSL, do the following to resolve the issue:
- Go to /opt/SingleInstaller/MgmtUI/SSL/ Back up to back up mgmt.crt and mgmt.key to another location.
- Remove the mgmt.crt and mgmt.key under /opt/SingleInstaller/MgmtUI/SSL/
root@appliance1:/opt/SingleInstaller/MgmtUI/SSL# rm mgmt.* - Copy safesync.lport.key and safesync.lport.crt to /opt/SingleInstaller/MgmtUI/SSL/
root@appliance1:/opt/SingleInstaller/MgmtUI/SSL# cp /opt/TrendMicro/OSDP/SSL/safesync.lport.* /opt/SingleInstaller/MgmtUI/SSL/. - Rename safesync.lport.key and safesync.lport.crt to mgmt.key and mgmt.crt
root@appliance1:/opt/SingleInstaller/MgmtUI/SSL# mv safesync.lport.crt mgmt.crt | mv safesync.lport.key mgmt.key. - Restart apache2 (command: sudo service apache2 restart)
root@appliance1:/opt/SingleInstaller/MgmtUI/SSL# service apache2 restart
