Views:
Apex One provides a command line tool that allows you to create or renew the Edge Relay Server certificate that agents use for communication. After creating a new certificate, the Edge Relay Server sends the new certificate to the Apex One server which then deploys the certificate to agents the next time agents connect to the Apex One server.
Important
Important
Off-premises Security Agents must connect to the Apex One server to obtain the new Edge Relay Server certificate. Any off-premises agents that do not receive the updated certificate can no longer communicate with the Edge Relay Server until connection with the Apex One server is established.

Procedure

  1. On the Edge Relay Server, open a command line editor and go to the following directory:
    C:\Program Files\Trend Micro\Apex One Edge Relay\OfcEdgeSvc\
  2. Execute the certificate tool by running the following command:
    ofcedgecfg.exe --cmd renewcert --opacertpwd <OsceOPA certificate password> [--keeprootca]
    Where:
    • --renewcert: Creates the new certificate
    • --opacertpwd <password>: Specifies the password for the certificate package
    The Edge Relay Server creates the new certificate package and automatically sends the certificate to the Apex One server. The Apex One server deploys the new certificate to Security Agents the next time the Security Agents report to the Apex One server.