search cancel

Installing Symantec Endpoint Encryption Management Server without TLS 1.0 enabled

book

Article ID: 174311

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

Currently the installation of Symantec Endpoint Encryption Management Server (SEEMS) 11.2.1 MP1, and previous versions, requires TLS 1.0 to be enabled during the installation.  Attempting to install/upgrade SEEMS without TLS 1.0 enabled will not succeed.

Issues that may arise are seen with multiple SEEMS installs, and trying to use an existing SEEMs database.

Install logs:

GINFO: Validating SQL Server Info...

GINFO: Using connection string: Provider=SQLDB.1;Application Name=SEEMS Installer;Initial catalog=; Persist Security Info=False;Data Source=;Use Encryption for Data=False

GINFO: Error while connecting: -2147467259 - [DB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.

Environment

Endpoint Encryption Management Server 11.2.1 MP1 and prior versions

Resolution

This issue is currently being reviewed by Symantec and will be resolved in the next major version of the software that is targeted for Summer 2019.  Subscribe to this article for updates on this issue.

As a workaround, it is possible to temporarily enable TLS 1.0, perform the install/upgrade; then once the installation is complete, TLS 1.0 can be disabled again.