
HTTPS communication with certificate verification cannot complete between Endpoint Protection AWS instances


Article ID: 162885


Updated On:


Endpoint Protection


In the Management Server List, you enable HTTPS communications with certificate verification, which verifies the hostname of the server on which the certificate originated. Symantec Endpoint Protection Manager (SEPM) is installed on one Amazon Web Services (AWS) instance, and a Symantec Endpoint Protection client is installed on another. Client-server communication fails.

The client computer does not display the green dot indicating communication with the manager. When you check the Sylink log, you see the following messages, after the date and time stamps:

<GetIndexFileRequest>Send Request failed.. Error Code = 12007
<ParseErrorCode:> 12007=>The Server name could not be resolved.


The AWS-provided DNS service does not resolve the virtual machine's hostname to an IP address; instead, it resolves the instance's Amazon Private DNS name to its IP address. The Symantec Endpoint Protection Manager certificate is based on the hostname of the computer on which it is installed. Therefore, when the client attempts to connect to the manager, the hostname does not resolve to an IP address, and the connection fails because the certificate cannot be authenticated.


Symantec is aware of this issue and will update this document as needed. Please subscribe to this article to be notified of any updates.

If you require HTTPS with certificate verification, you can work around this issue by purchasing or setting up a standard DNS server in your Amazon Web Services Virtual Private Cloud (AWS VPC).
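
The failure and the DNS workaround described above can be checked with a short triage script. This is an added example, not Symantec code: the function names, verdict strings, hostnames, address and timestamp are constructed for illustration, and the certificate is assumed to be available as a dict in the shape Python's ssl.SSLSocket.getpeercert() returns. The "name_mismatch" verdict is an assumption about what certificate verification does when the Management Server List entry is a name the certificate does not cover.

```python
import re
import socket

# Matches the Sylink failure line quoted in the article; 12007 = name not resolved.
FAILURE = re.compile(r"<(\w+)>Send Request failed\.+ Error Code = (\d+)")

def resolution_failures(log_lines):
    """Return the request names that failed with error 12007 in Sylink log lines."""
    hits = (FAILURE.search(line) for line in log_lines)
    return [m.group(1) for m in hits if m and m.group(2) == "12007"]

def cert_dns_names(cert):
    """DNS names in a dict shaped like ssl.SSLSocket.getpeercert(): SANs, else CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def system_resolve(name):
    """Resolve with the OS resolver (the AWS-provided DNS on an instance)."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, 443)})
    except socket.gaierror:
        return []

def diagnose(list_entry, cert, resolve=system_resolve):
    """Classify why a Management Server List entry would fail verified HTTPS."""
    names = [n.lower() for n in cert_dns_names(cert)]
    if list_entry.lower() not in names:      # exact match only, no wildcard handling
        return "name_mismatch"               # assumed: entry not covered by the certificate
    if not resolve(list_entry):
        return "unresolvable_cert_name"      # the article's case: error 12007
    return "ok"

# Constructed sample data (hostnames, address and timestamp are made up).
SAMPLE_LOG = [
    "01/01 10:00:00 <GetIndexFileRequest>Send Request failed.. Error Code = 12007",
    "01/01 10:00:00 <ParseErrorCode:> 12007=>The Server name could not be resolved.",
]
SAMPLE_CERT = {"subject": ((("commonName", "SEPM01"),),)}
AWS_DNS = {"ip-10-0-0-12.ec2.internal": ["10.0.0.12"]}   # private DNS name only
VPC_DNS = dict(AWS_DNS, sepm01=["10.0.0.12"])            # after the workaround

if __name__ == "__main__":
    print(resolution_failures(SAMPLE_LOG))
    for label, zone in (("AWS-provided DNS", AWS_DNS), ("own DNS server", VPC_DNS)):
        lookup = lambda n, z=zone: z.get(n.lower(), [])
        print(label, diagnose("SEPM01", SAMPLE_CERT, lookup))
    print(diagnose("ip-10-0-0-12.ec2.internal", SAMPLE_CERT, AWS_DNS.get))
```

On a real client, call diagnose() without the resolve argument so that the lookup goes through the instance's configured DNS.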