Endpoint Protection Manager 14.x fails to fully launch with FIPS enabled
search cancel

Endpoint Protection Manager 14.x fails to fully launch with FIPS enabled

book

Article ID: 164318

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After starting FIPS mode on the Symantec Endpoint Protection Manager (SEPM), the database connection does not start.

Log entry from FIPSMode.log:

11/9/2016 2:44:48 PM Editing Ajaxswing launch script : E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\ajaxswing\WEB-INF\ajaxswing\bin\setEnv.bat 
11/9/2016 2:44:48 PM Ajaxswing env script does not have redundant classpath entry. No cleanup required. 
11/9/2016 2:44:48 PM Editing conf.properties: E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties 
11/9/2016 2:44:48 PM Updated Tomcat conf.properties file with FIPS JSSE path: scm.fips.jsse.path=E\:\Program Files (x86)\\Symantec\\Symantec Endpoint Protection Manager\\jre\\lib\\ext 
11/9/2016 2:44:48 PM Editing file : E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\bin\sesm.bat 
11/9/2016 2:44:48 PM Probed JVM start cmd line: @start "SESM" "E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jre\bin\javaw.exe" -Xms1024m -Xmx2048m -XX:MinHeapFreeRatio=40 -XX:MaxHeapFreeRatio=70 -XX:NewRatio=15 -Dcatalina.home="E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat" -Dscm.console.conf="E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties" -Dsun.locale.formatasdefault=true -jar "E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\ROOT\clientpkg\scm-ui.jar" %* 
11/9/2016 2:44:48 PM Edited JVM start cmd line: @start "SESM" "E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jre\bin\javaw.exe" -Djava.ext.dirs="E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jre\lib\ext" -Xms1024m -Xmx2048m -XX:MinHeapFreeRatio=40 -XX:MaxHeapFreeRatio=70 -XX:NewRatio=15 -Dcatalina.home="E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat" -Dscm.console.conf="E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties" -Dsun.locale.formatasdefault=true -jar "E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\ROOT\clientpkg\scm-ui.jar" %* 
11/9/2016 2:44:48 PM Editing file E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\conf\ssl\ssl.conf 11/9/2016 2:44:48 PM Editing file E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties 11/9/2016 2:44:48 PM Found entry: com.symantec.crypto.fips140mode=false 11/9/2016 2:44:48 PM Setting entry: com.symantec.crypto.fips140mode=true 
11/9/2016 2:44:48 PM Editing file E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\conf\httpd.conf 11/9/2016 2:44:48 PM Starting service Symantec Endpoint Protection Manager Webserver 
11/9/2016 2:44:57 PM Starting service Symantec Endpoint Protection Manager 
11/9/2016 2:45:06 PM Starting service Symantec Endpoint Protection Manager API Service 
11/9/2016 2:45:15 PM FIPSMode.vbs has completed successfully.

Log entry from scm-server-0.log:

2016-11-09 14:45:05.671 THREAD 12 SEVERE: scm.server.version = 14.0.1904.0000 2016-11-09 14:45:06.515 THREAD 27 SEVERE: DatabasePing> run>> Trying to connect database...

Resolution

This problem is fixed in Symantec Endpoint Protection 14 RU1.
‚Äč
For information on how to obtain the latest build of Symantec Endpoint Protection, read ‘Download the latest version of Symantec Endpoint Protection’
http://www.symantec.com/docs/TECH103088