ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Failed to perform client handshake, when using SSL on Windows 2003.

book

Article ID: 161679

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Verified cert bound to SSL port in IIS was present on the windows 2003 server. It was installed via the computer account to the trusted root. 

We were still seeing errors regarding handshake failure. Investigating windows application and security logs showed errors regarding the operating system's Client Revocation List. 

This list is updated by Microsoft, and since these servers were not connected to the internet, windows update could not update the list.

 Agent disconnected from notification server

 
Handshake failure in the agent logs.
 
Client revocation list (CRL) errors in the windows logs.
 

Resolution

 Please connect the windows 2003 boxes to the internet and allow windows updates, or install the patch hosted by Microsoft's technet:

 
 http://support.microsoft.com/kb/938397

Applies To

 All Symantec management platform versions including, but not limited to: 7.0, 7.1, 7.5

 
 Windows 2003 servers not connected to the internet, and / or not receiving windows updates