search cancel

Failed to perform client handshake, when using SSL on Windows 2003.


Article ID: 161679


Updated On:


IT Management Suite


Verified cert bound to SSL port in IIS was present on the windows 2003 server. It was installed via the computer account to the trusted root. 

We were still seeing errors regarding handshake failure. Investigating windows application and security logs showed errors regarding the operating system's Client Revocation List. 

This list is updated by Microsoft, and since these servers were not connected to the internet, windows update could not update the list.

 Agent disconnected from notification server

Handshake failure in the agent logs.
Client revocation list (CRL) errors in the windows logs.


 Please connect the windows 2003 boxes to the internet and allow windows updates, or install the patch hosted by Microsoft's technet:

Applies To

 All Symantec management platform versions including, but not limited to: 7.0, 7.1, 7.5

 Windows 2003 servers not connected to the internet, and / or not receiving windows updates