Endpoint Encryption Server Configuration Manager cannot browse to the Server certificate
Article ID: 172147
Updated On:
Products
Issue/Introduction
Endpoint Encryption Management Server Configuration Manager contains a section for configuring the Web Server for Endpoint Encryption.
An error message is displayed after you click on the Browse button to select a Server certificate and no certificates are shown:
You do not have any certificates in your local certificate store other than the one that is already associated with the Symantec Endpoint Encryption services website.
Environment
Symantec Endpoint Encryption 11.3 and above.
Cause
If you open the server certificate file by double clicking on it from Windows File Explorer and look in the Details tab, you will find that the certificate either does not contain an Enhanced Key Usage field or if it does, the Enhanced Key Usage field does not contain this attribute:Server Authentication (1.3.6.1.5.5.7.3.1)
Similarly, on the General tab you should see Ensures the identity of a remote computer under the list of purposes:
Resolution
You will need to create a new certificate that has Ensures the identity of a remote computer as one of its purposes. This corresponds to the Server Authentication attribute.
Note that server certificates issued by third party Certificate Authorities will always include the purpose Ensures the identity of a remote computer. They will also include the purpose Proves your identity to a remote computer.
Feedback
