Assigning HTTPS Access to the Web Console

During Apex Central installation, you can choose the level of security when accessing the management console. The least secure level only requires an HTTP connection. The most secure requires an HTTPS connection. If the least secure connection was selected during installation, you can change the access level after installation to the most secure connection.

Important:

  • You must obtain a certificate and set up the Apex Central virtual directory before you can start sending encrypted or digitally signed information to and from the Apex Central server.

  • The following procedure describes how to assign HTTPS access from a Windows Server 2012 R2 installation.

    If you are running a different version of Windows Server, refer to the Microsoft documentation for your specific Windows Server installation.

  1. Obtain a Web Site Certificate from any certification provider (for example, Thawte.com or VeriSign.co).
  2. Log on to the Apex Central server.
  3. Go to Start > Administrative Tools > Internet Information Services (IIS) Manager.

    The Internet Information Services (IIS) Manager screen appears.

  4. From the Connections pane on the left, select the server name.
  5. From the Features View pane in the center, double-click Server Certificates.
  6. From the Actions pane on the right, click Import....

    The Import Certificate screen appears.

  7. Import the Web Site Certificate obtained in step 1:
    1. Upload the certificate file.
    2. Specify the password for the certificate.
    3. Select the Certificate Store.
    4. Click OK.

      Windows Server imports the certificate file and closes the Import Certificate screen.

  8. From the Connections pane on the right, expand the Sites folder and select the <Web Site> created during Apex Central installation.
    Note:

    If you did not a specify a custom <Web Site> name during Apex Central installation, the default <Web Site> name is Default Web Site.

  9. Right-click the <Web Site> and select Edit Bindings....

    The Site Bindings screen appears.

  10. Configure site bindings:
    1. Select the https type and click Edit....
      Tip:

      If the https type does not appear in the Site Bindings list, click Add... to manually add the https type.

    2. Select the imported certificate file from the SSL certificate drop-down list.
    3. Click OK.
    4. Click Close.
  11. Configure SSL settings:
    1. Expand the <Web Site> and select the WebApp virtual directory.
    2. From the Features View pane in the center, double-click SSL Settings.
    3. Select Require SSL.
    4. From the Actions pane on the right, click Apply.

      The Alerts pane appears and indicates that the changes have been successfully saved.

  12. Specify the HTTPS port number in the following locations:

    • Registry key:

      HKLM\Software\Wow6432Node\TrendMicro\TVCS\WebPort

    • System configuration file:

      In the <Apex Central installation folder>\systemconfiguration.xml file, locate m_uiWebServer_Https_Port and set the value to the HTTPS port number.

  13. Restart the following services:

    • Trend Micro Apex Central

    • Trend Micro Management Infrastructure

    • W3WP

Parent topic: The Web Console