Shows the login screen in the Home Tab after logon into Endpoint Protection Manager console
search cancel

Shows the login screen in the Home Tab after logon into Endpoint Protection Manager console


Article ID: 164360


Updated On:


Endpoint Protection


Another login screen appears again after login, requesting the username and password for Symantec Endpoint Protection (SEP) Manager reporting.

After providing the credentials, it returns to the same screen.




Error in logs: Cert file does not exist or Cert store file does not exist. last access time not updated


  • Windows Server 2012 R2 
  • Symantec Endpoint Protection 14 RTM   


The server certificate needs to be updated.


Update the certificate by doing the following steps

  1. Log in to the SEPM console.
  2. Click Clients.
  3. For each of the client groups without inherited policies:
  4. Click Policies > General Settings > Security Settings.
  5. Un-check Enable secure communications between the management server and clients using digital certificates for authentication.

Wait a minimum of 3 seconds after making this change on all groups before moving to the next step.

To update or generate a server certificate

  1. In the console, click Admin, and then click Servers.
  2. Under Servers, under Local Site, click the management server for which you want to update the server certificate.
  3. Under Tasks, click Manage Server Certificate, and then click Next.
  4. In the Manage Server Certificate panel, click Generate new server certificate, click Next, and then click Yes


  • For Multi-manager sites: If your SEPM site contains more than one manager, ensure that clients are configured to load balance, or failover to at least one other manager before proceeding. Allow at least 3-second intervals between updating the first server certificate and each subsequent server certificate. This will allow clients to failover or load balance to another manager, and receive a new Management Server List with the updated server certificate information.
  • Note: If you cannot allow your clients to load balance or failover to another manager, use the Single manager site method above.