Endpoint Protection (SEP) clients fail to communicate with the Endpoint Protection Manager (SEPM) with the following error:
[2018-Aug-07 09:14:04.748169] [WARN ] HTTPS certificates related error (35) schannel: AcquireCredentialsHandle failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorithm.
[2018-Aug-07 09:14:04.748169] [WARN ] HTTPS certificates related error (35) schannel: AcquireCredentialsHandle failed: SEC_E_ALGORITHM_MISMATCH (0x80090331) - The client and server cannot communicate, because they do not possess a common algorithm.
Diffie-Hellman Key Exchange was disabled via IISCrypto or the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman
Enable Diffie-Hellman Key Exchange and restart the system.
To do this via the registry, set the following value:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
"Enabled"=dword:ffffffff