The customer is trying to install Symantec Management Platform 7 (NS7) in a server that uses SSL. The SSL certificate was issued with this format: computername.domain.com.
In this implementation, the server is NOT a member of the domain. As well the client machines will be part of a workgroup.
During the initial installation for the Symantec Management Platform 7 (NS7), the configuration used was left as "Default Web Site" and "computername.domain.com" with ports 80 and 443 for his SSL implementation.
SIM installed all the MSIs for the platform but as soon as the configuration process started, it failed when trying to reach "https://computername.domain.com/Altiris/NS/Services/NSConfigurationWebService.asmx".
The customer received a http error 401 Unauthorized in the installation logs.
When we copied the affected link, we got a window asking for authentication. The customer added the Admin credentials and IIS didn't accepted them. We got a message saying that the credentials were invalid.
We noticed that if we tried:
we get to the page fine but there is an error in the certificate, which is expected because the certificate was issued for "computername.domain.com"
We tried https://computername.domain.com/Altiris/NS/Services/NSConfigurationWebService.asmx again and we got the same authentication window.
We tried to add the SSL certificate as Altiris KB DOC1240 "Configuring Notification Server to use SSL" suggested but we get the same authentication window.
When we removed the SSL certificate and removed the 443 port from the Default Web Site, we could access the desired page just fine:
When we tried http://computername.domain.com/Altiris/NS/Services/NSConfigurationWebService.asmx we get http error 403.1. Usually this is because the server is not part of a domain.
The SSL Certificate didn't match the computer name. Since the Server was not part of a domain, the server had an incomplete entry and because the SSL certificate was issued to use a FQDN for name, this caused issues during authentication.
Make sure that the server name matches the certificate name. In this particular case since the server was in a workgroup, the 'domain.com' suffix was not part of the computer name. The SSL Certificate was issued as "computername.domain.com" format so it was not matching properly for validation.
1. Go to Start>My Computer> right-click>Properties
2. Under the 'Computer Name' tab, click on 'Change'
3. When the 'Computer Name Changes' window opens, click on 'More...'
4. Under the 'DNS Suffix and NetBIOS Computer Name', add the 'domain.com' entry for the 'Primary DNS suffix on this computer'
5. Save changes
After following the steps above you should be able to restart the installation process and finish with the configuration process.
Symantec Management Platform 7.0 SP3
Symantec Installation Manager 7.0.556