Error: "SEPM returned a non-200 HTTP response"
search cancel

Error: "SEPM returned a non-200 HTTP response"


Article ID: 172809


Updated On:


Endpoint Protection Endpoint Detection and Response Advanced Threat Protection Platform


Symantec Endpoint Protection Manager (SEPM) controller connection is failing on Endpoint Detection and Response (EDR) console with error:

SEPM returned a non-200 HTTP response

central_manager.log on EDR shows an authentication error:

ERROR RMI TCP Connection(512776)- ( Error when trying to connect to SEPM. Exception : {"errorCode":"401","appErrorCode":"","errorMessage":"Invalid user name or password. Please try again."}:name=ERROR_HTTP_RESPONSE_NOT_OK, description=Sepm returned non 200 HTTP response. There was an error.

Following error is found in 'semapisrv_log.xxxx-xx-xx.0.log' on SEPM:

[https-openssl-apr-] ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: error.login error.login


The SEPM API Service is having issues connecting to EDR


Solution 1:

  • If the SEPM API service is running, then stop it.
  • Navigate to '<SEPM install folder> tomcat/instances/sepm/api/webapps' and delete the 'sepm' subfolder.
  • Restart the SEPM API service.

Note: This will redeploy the sepm folder that was deleted so that the service runs properly.

Solution 2:

  • Stop all SEPM services on SEPM having issue
  • Back up all files and folder from '<SEPM_HOME>\tomcat\instances\sepm-api\webapps'
  • Delete all files from this folder (Default path: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\instances\sepm-api\webapps)
  • Copy "SEPM.WAR" file from a working SEPM on same version in this folder. 
  • Start all SEPM services and verify that all the files are generated
  • Try adding the SEPM to EDR