Cloud Enabled Symantec Management Agents unable to receive permanent client certificate.
search cancel

Cloud Enabled Symantec Management Agents unable to receive permanent client certificate.


Article ID: 172535


Updated On:


IT Management Suite


Symantec Management Agent installed using Cloud Enabled Management installation package unable to register with the Symantec Management Platform.

Symantec Management Platform:
"Certificate can't be loaded from database: serial='AC58C64057CDC833F66CF1AA2EF4065F0EBFF771, thumbprint='3FA8DFB47E72051C6B61B3D792C11D717244B5D0'","Altiris.NS.AgentManagement.AgentCertificateDistributer.ValidateIncomingCertificate","Altiris.NS.dll","47","Warnings"

Symantec Management Agent:
"Master certificate is missing from the responce, CEM certificates request added to queue and is waiting for approval","ConfigServer","AeXNSAgent.exe","1316","Warnings"

"Failed to receive CEM certificates from https://HOSTNAME:443/altiris/NS/Agent/GetClientCertificate.aspx in CEM mode, error: The data is invalid (0x8007000D)","ConfigServer","AeXNSAgent.exe","1316","Warnings"



Symantec Management Platform 8.x


SMP Server Agent CA certificate resource is missing from the Symantec_CMDB database.
Check for Agent CA certificate resource in the database using the following SQL query.

, rk.ResourceGuid
, rk.KeyName
, rk.KeyValue
, dcd.Issuer
, vi.*
, dcd.*
FROM vItem as vi
JOIN ResourceKey as rk
ON rk.ResourceGuid=vi.Guid
JOIN Inv_Digital_Certificate_Details AS dcd
ON dcd.[_ResourceGuid]=rk.ResourceGuid
    WHERE vi.ClassGuid  = 'fa3f86ae-1c53-44b6-8eed-90a312ba2fb3'
    AND vi.Name LIKE '%Agent CA'


The Agent CA certificate resource can be recreated by running a Reconfigure of the Management Platform Release Update via the Symantec Installation Manager.

1. Run the Symantec Installation Manager.
2. Select Repair installed products.
3. Select Reconfigure installed products and press Next.
4. Select Symantec Management Platform 8.x RUx and press Next.
5. Press Configure.
6. After the reconfiguration is finished, use the above SQL query to confirm that the Agent CA certificate resource was created in the database.