Logging on remotely to Endpoint Protection Manager with an FQDN results in "Failed to connect to the server" and "ErrorCode: 0x80020000"

book

Article ID: 157899

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

When you log on to the Symantec Endpoint Protection Manager (SEPM) using the remote console, and you use a fully qualified domain name (FQDN), you receive an error that it failed to connect to the server.

If you log in with an IP address, this error does not occur.

The following error appears upon attempted log on:

Failed to connect to the server.
Make sure that the server is running and your session has not timed out.
If you can reach the server but cannot log on, make sure that you provided the correct parameters. If you are experiencing network issues, contact your system administrator. ErrorCode: 0x80020000


You may also find the following in the Ajaxswing scm-ui-date-time.log files:

[Date/Time] GUIManager SEVERE: Reporting error on login!
[Date/Time] GUIManager SEVERE: Failed to connect to the server.

Make sure that the server is running and your session has not timed out.
If you can reach the server but cannot logon, make sure that you provided the correct parameters.
If you are experiencing network issues, contact your system administrator. ErrorCode: 0x80020000
[Date/Time] ExceptionHandler SEVERE: Root cause of the exception: handshake alert:  unrecognized_name;

Cause

Java 1.7 and later now does a security check for mismatching hostnames. If the Apache hostname and the SSL request hostname do not match, the connection fails.

This mismatch can occur if the URL entered into the remote console does not match what is displayed under the computer's properties as the Full Computer Name, even if it otherwise allows a connection via web.

Resolution

To work around this error, add an alias to the other hostname in the ssl.conf file to tell Apache that the hostnames are the same.

  1. In a plain text editor, open the following file: %SEPM_DIR%\apache\conf\ssl\ssl.conf
    On most operating systems, the default SEPM directory is: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\
  2. Under SSL Virtual Host Context, edit the tag to read:

    <VirtualHost _default_:8445>
    ServerAlias hostname_URL


    Where hostname_URL is the FQDN that you use to logon remotely to the SEPM.
  3. Save the changes, and then close the file.
  4. Restart the Symantec Endpoint Protection Manager Webservice.