Policy Server uses the following certificates:
ACS certificate: Establishes trusted communication between the ACS server and the Certificate Authority (CA) server. The Certificate Authority server signs the ACS certificate and saves it on the ACS server.
CA certificate: Authenticates OfficeScan clients with the Cisco ACS server. The OfficeScan server deploys the CA certificate to both the ACS server and to OfficeScan clients (packaged with the Cisco Trust Agent).
Policy Server SSL certificate: Establishes secure HTTPS communication between the Policy Server and ACS server. Setup automatically generates the Policy Server SSL certificate during Policy Server installation.
Tip: The Policy Server SSL certificate is optional. However, Trend Micro recommends using it to ensure encryption of data transmitted between the Policy Server and ACS server.
After the ACS server issues a certificate signing request to the CA server, the CA issues a certificate (the ACS certificate). The ACS certificate is then installed on the ACS server.
Export a CA certificate from the CA server and install on the ACS server.
Save a copy of the same CA certificate on the OfficeScan server.
The OfficeScan server deploys the CA certificate to clients with the CTA.
Note: See the OfficeScan Administrator's Guide for specific steps on creating and deploying certificates.