
EDR reports an unencrypted connection to the Endpoint Protection Manager database


Article ID: 172457


Products

Endpoint Detection and Response, Advanced Threat Protection Platform

Issue/Introduction

When connecting to the Endpoint Protection Manager (SEPM) database, the connection is reported as unencrypted:

Healthy [unencrypted connection]

Cause

The self-signed or local CA-signed certificate for the SEP DB needs to be added to the ATP/SEDR keystore.

Environment

This SEP DB status occurs after installing a self-signed or local CA-signed certificate on your Microsoft SQL Server to encrypt communication with Advanced Threat Protection (ATP) 3.x or Endpoint Detection and Response (SEDR) 4.x.

Resolution

If your security policy does not require connections to SEP DB to be encrypted, no action is needed. The connection to the database is Healthy.

If your security policy requires connections to SEP DB to be encrypted, upload the .crt file, then contact Broadcom Technical Support for assistance with inserting the self-signed or local CA-signed certificate into the ATP/SEDR keystore.

 

To upload the .crt file to EDR 4.5 or later:

  1. In the EDR UI, on Settings > Global, scroll down to the File Transfer section.
  2. Click Upload.
  3. Navigate to the .crt file.
  4. Click the .crt file, then click Open.
  5. Click Upload.
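Before uploading, it helps to confirm that the file really is the certificate the SQL Server presents, whether it is self-signed or issued by a local CA, and that it has not expired. The script below is an added example, not Broadcom code or part of the original article; it assumes the `openssl` command-line tool on an administrator workstation, and the function names, the 30-day warning window and the sample host name are hypothetical.

```shell
#!/bin/sh
# Added example (not Broadcom's): inspect a certificate file before uploading it.
# Assumes the openssl CLI; function names and the 30-day window are hypothetical.

# Print "self-signed" when subject equals issuer, "ca-signed" when they differ,
# and "unreadable" when the file is not a PEM X.509 certificate (e.g. DER).
cert_kind() {
    openssl x509 -in "$1" -noout >/dev/null 2>&1 || { echo unreadable; return 0; }
    subject=$(openssl x509 -in "$1" -noout -subject)
    issuer=$(openssl x509 -in "$1" -noout -issuer)
    if [ "${subject#subject=}" = "${issuer#issuer=}" ]; then
        echo self-signed
    else
        echo ca-signed
    fi
}

# Print "expired", "expiring" (within $2 days, default 30) or "valid".
cert_validity() {
    window_days=${2:-30}
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo expired
    elif ! openssl x509 -in "$1" -noout -checkend "$((window_days * 86400))" >/dev/null 2>&1; then
        echo expiring
    else
        echo valid
    fi
}

# Constructed sample input: throwaway self-signed certificate valid for $2 days.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1" \
        -subj "/CN=sql01.example.test" -days "$2" >/dev/null 2>&1
}

# Summarise the file and show its SHA-256 fingerprint for comparison with the server's copy.
report() {
    kind=$(cert_kind "$1")
    [ "$kind" = unreadable ] && { echo "$1: not a PEM certificate"; return 1; }
    echo "$1: $kind, $(cert_validity "$1")"
    openssl x509 -in "$1" -noout -subject -issuer -enddate -fingerprint -sha256
}

if [ "$#" -gt 0 ]; then
    report "$1"
else
    tmp=$(mktemp -d)
    make_sample_cert "$tmp/sample.crt" 365 && report "$tmp/sample.crt"
    rm -rf "$tmp"
fi
```

Run it with the path to the .crt file as the only argument; with no argument it reports on a constructed sample certificate.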

 

Additional Information

NOTE: The upload steps also work to upload a .pem file to EDR 4.4.