When installing the Symantec Endpoint Manager (SEPM) certificate and private key in the ATPP UI for the Secure Endpoint Traffic you get an "Internal server error". (See Error Message section for screen shot)

When installing a Self Signed certificate for the Secure Endpoint Traffic and you get an "Internal server error" (See Error Message section for atpapp.error.log file.)

Error message that can be found in the atpapp.error.log:

[2016-02-10 20:27:17:682 GMT][com.symantec.atp.web.controller.settings.SecureTrafficConfigurationController][http-nio-<IP>-443-exec-6][ERROR] Failed to install first certificate. Not attempting to install other certificates. Returning.

The SEPM Apache certificate cannot be use in the ATPP UI for installing the Secure Endpoint Traffic. 
 

When installing the self signed cert it shows a "Internal server error".

When a Certificate is created by OpenSSL, the SHA256 needs to be specify otherwise there is a case cert that is not going to be uploaded.  The command below is what is needed to run to generate the correct cert when using OpenSSL.

openssl req -new -x509 -days 730 -key rootCA.key -nodes -sha256 -out mycert.crt

If the above command does not fix the issue then perform the workaround listed below..

Workaround:

Reboot the ATPP server or Virtual Machine (VM), then go back to the ATPP UI and install the certificate again.  This should show that the certificate was imported successfully.