Apex One provides a
command line tool that allows you to create or renew the Edge Relay Server
certificate that agents use for communication. After creating a new certificate, the
Edge Relay Server sends the new certificate to the Apex One server which
then deploys the certificate to agents the next time agents connect to the Apex One server.
 |
ImportantOff-premises Security Agents must connect to the Apex One server to
obtain the new Edge Relay Server certificate. Any off-premises agents that do
not receive the updated certificate can no longer communicate with the Edge
Relay Server until connection with the Apex One server is
established.
|
Procedure
- On the Edge Relay Server, open a command line editor and go to the following
directory:
C:\Program Files\Trend Micro\Apex One Edge Relay\OfcEdgeSvc\ - Execute the certificate tool by running the following command:
ofcedgecfg.exe --cmd renewcert --opacertpwd <OsceOPA certificate password> [--keeprootca]Where:-
--renewcert: Creates the new certificate -
--opacertpwd <password>: Specifies the password for the certificate package
The Edge Relay Server creates the new certificate package and automatically sends the certificate to the Apex One server. The Apex One server deploys the new certificate to Security Agents the next time the Security Agents report to the Apex One server. -