ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint Encryption Server Configuration Manager cannot browse to the Server certificate


Article ID: 172147


Updated On:


Endpoint Encryption


Endpoint Encryption Management Server Configuration Manager contains a section for configuring the Web Server for Endpoint Encryption.

An error message is displayed after you click on the Browse button to select a Server certificate and no certificates are shown:

You do not have any certificates in your local certificate store other than the one that is already associated with the Symantec Endpoint Encryption services website.


If you open the server certificate file by double clicking on it from Windows File Explorer and look in the Details tab, you will find that the certificate either does not contain an Enhanced Key Usage field or if it does, the Enhanced Key Usage field does not contain this attribute:
Server Authentication (

Similarly, on the General tab you should see Ensures the identity of a remote computer under the list of purposes:


Symantec Endpoint Encryption 11.3 and above.


You will need to create a new certificate that has Ensures the identity of a remote computer as one of its purposes. This corresponds to the Server Authentication attribute.

Note that server certificates issued by third party Certificate Authorities will always include the purpose Ensures the identity of a remote computer. They will also include the purpose Proves your identity to a remote computer.