ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Protection Engine UI is not accessible

book

Article ID: 172874

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection for SharePoint Servers Protection Engine for NAS

Issue/Introduction

After no apparent changes, the Symantec Protection Engine (SPE) UI can no longer be accessed via a web browser.

If a netstat is run, port 8004 and 8005 are no longer listening.

If installed to Windows, in the Program Files\Symantec\Scan Engine directory, the Certificate.pem, keyStore.private and keyStore.public are missing.

If installed to Linux, in the /opt/SYMCScan/bin directory, the Certificate.pem, keyStore.private and keyStore.public are missing.

Cause

Normally, during install and service starts, the Certificate.pem, keyStore.private and keyStore.public are generated or re-generated if missing. If this process is not happening, it indicates that SPE is unable to resolve the IP address of the fully qualified domain name (FQDN) of the local system via Domain Name System (DNS). If DNS is no longer providing forward and reverse name resolution of the local system, SPE will be unable to generate the certificate and keystore files used to encrypt the console web page.

Resolution

Troubleshoot and resolve the DNS issues encountered around the time the console stopped working.

Workaround

Add a hosts file entry in one of the following locations.

  • Windows: C:\Windows\System32\etc\hosts
  • Linux: /etc/hosts

This entry should be in a format similar to the following: <IP address of SPE server>     <FQDN of SPE server> for example  192.168.1.1    testhost.testdomain

Once this entry is created in the host file, restart the Symantec Protection engine service. The Certificate.pem, keyStore.private and keyStore.public files should now be created and the website should be accessible.