Personal Recovery Key rotation does not work on Symantec Endpoint Encryption for FileVault 11.1.3 MP1 and macOS High Sierra (10.13.x) (with APFS)

book

Article ID: 171027

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

After you provide a Personal Recovery Key for access to an encrypted system with macOS High Sierra (with APFS) installed, on the next client-server communication, Symantec Endpoint Encryption for FileVault fails to rotate the Personal Recovery Key; the existing Personal Recovery Key continues to be valid.

This problem can occur in any of the following scenarios:

  • When you upgrade your operating system to macOS High Sierra (with APFS) on a system with Symantec Endpoint Encryption 11.1.3 MP1 installed.
  • When you install Symantec Endpoint Encryption 11.1.3 MP1 on a system with macOS High Sierra (with APFS) installed and FileVault enabled.

Cause

Symantec Endpoint Encryption of FileVault fails to rotate Personal Recovery Key on a system with macOS High Sierra (with APFS) installed due to changes done by Apple in their FileVault command line interface.

Environment

Symantec Endpoint Encryption 11.1.3 MP1 and macOS High Sierra with Apple File System (APFS)

Resolution

UPDATE: This issue is fixed in the release of Symantec Endpoint Encryption 11.2.0. Therefore, to resolve this issue, upgrade Symantec Endpoint Encryption for FileVault to 11.2.0 or later.

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product. Refer back to this document periodically as any changes to the status of the issue will be reflected here.

Click Subscribe to this Article in the box at the right to be automatically notified when there are updates to this article.