search cancel

Endpoint Protection Manager unable to connect to SQL server after SSL certificate update


Article ID: 172384


Updated On:


Endpoint Protection


After renewing the server certificate on your SQL server the Symantec Endpoint Protection Manager (SEPM) is no longer able to connect. This behavior may not start until the SQL server has been rebooted. stdout-0.log:
Caused by: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: " Certificates does not conform to algorithm constraints".


The Signature Algorithm of the SSL certificate used by the SQL server is not recognized by Java. In particular, RSASSA-PSS is not supported in Java 8.x.


SQL server using SSL
SEPM 14.0.x and 14.2.x


Request that the certificate be regenerated with a supported Signature Algorithm such as SHA512withRSA. RSASSA-PSS may not be used for any certificate in the chain.

A list of supported Signature Algorithms may be found here: