Connection to Symantec Encryption Management Server fails when a client uses TLS 1.1 or TLS 1.2.

Symantec Encryption Management Server versions 3.3.2 and below support TLS 1.0.

Symantec Encryption Management Server version 3.4 has now been released, and supports TLS 1.2, however, TLS 1.0/1.1 are still enabled for backward compatibility.  See TECH235036 article  for all documentation for this version.

Symantec Encryption Management Server 3.4.2 MP2 by default disables TLS 1.0/1.1.  It is still possible to configure TLS 1.0/1.1 if necessary, however, see article INFO5149 for more details and considerations.