Managing Edge Relay Server Certificates

OfficeScan provides a command line tool that allows you to create or renew the Edge Relay Server certificate that agents use for communication. After creating a new certificate, the Edge Relay Server sends the new certificate to the OfficeScan server which then deploys the certificate to agents the next time agents connect to the OfficeScan server.


Off-premises OfficeScan agents must connect to the OfficeScan server to obtain the new Edge Relay Server certificate. Any off-premises agents that do not receive the updated certificate can no longer communicate with the Edge Relay Server until connection with the OfficeScan server is established.

  1. On the Edge Relay Server, open a command line editor and go to the following directory:

    C:\Program Files\Trend Micro\OfficeScan Edge\OfcEdgeSvc\web\service

  2. Execute the certificate tool by running the following command:

    OfcEdgeCfg.exe --renewcert -certpwd <password>


    • --renewcert: Creates the new certificate

    • -certpwd <password>: Specifies the password for the certificate package

    The Edge Relay Server creates the new certificate package and automatically sends the certificate to the OfficeScan server. The OfficeScan server deploys the new certificate to OfficeScan agents the next time the OfficeScan agents report to the OfficeScan server.