search cancel

Patch Management 7.6 - Download of software updates fails via TLS 1.2.

book

Article ID: 172886

calendar_today

Updated On:

Products

Patch Management Solution for Windows

Issue/Introduction

Download of software updates fails via TLS 1.2.

Failed to download Software Update Package.
Download failed for 'https://download.microsoft.com/...
The underlying connection was closed: An unexpected error occurred on a send.
   [System.Net.WebException @ Altiris.PatchManagementCore]
   at Altiris.PatchManagementCore.Utilities.File.DownloadToStreamWithRetries(Uri uri, DownloadContext downloadContext)
   at Altiris.PatchManagementCore.Utilities.File.Download(String fromUrl, String toDirectory, String toFileName, Boolean forceDownload, DownloadParameters miscDownloadParams)

Authentication failed because the remote party has closed the transport stream.

   [System.IO.IOException @ System]
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.ConnectStream.WriteHeaders(Boolean async)
Exception logged from:
   at Altiris.Diagnostics.Logging.EventLog.ReportException(Int32 severity, String strMessage, String category, Exception exception, String footer)
   at Altiris.PatchManagementCore.Utilities.File.Download(String fromUrl, String toDirectory, String toFileName, Boolean forceDownload, DownloadParameters miscDownloadParams)
   at Altiris.PatchManagementCore.Utilities.FileDownloader.Download()
   at Altiris.PatchManagementCore.Utilities.FileDownloader.DoDownloadProcedure(Object data)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart(Object obj)
-----------------------------------------------------------------------------------------------------
Process: AtrsHost (2628), Thread ID: 79, Module: AtrsHost.exe
Priority: 1, Source: Altiris.PatchManagementCore.Utilities.File.Download

Cause

The TLS 1.2 support in patch management for the 7.6 version was added only in the POST_HF7 cumulative update.

Environment

Patch Management Solution 7.6 (HF7)

Resolution

Consider upgrading to the latest version of Symantec Management Platform and Patch Management Solution to take advantage of this and other fixes/features.

For Symantec Management Platform 7.6:

-Make full backups of the platform and Symantec_CMDB database. Export KMS keys from SIM.

-Upgrade to Platform and Solutions to 7.6 HF7.
-Install Platform and SMA POST_HF7 cumulative pointfixes first!
-Install Patch Management POST_HF7 cumulative pointfixes
https://support.symantec.com/en_US/article.INFO3459.html

-Upgrade Symantec Management Agent and plugins.