search cancel

Installing Symantec Endpoint Encryption Management Server without TLS 1.0 enabled


Article ID: 174311


Updated On:


Endpoint Encryption


Currently the installation of Symantec Endpoint Encryption Management Server (SEEMS) 11.2.1 MP1, and previous versions, requires TLS 1.0 to be enabled during the installation.  Attempting to install/upgrade SEEMS without TLS 1.0 enabled will not succeed.

Issues that may arise are seen with multiple SEEMS installs, and trying to use an existing SEEMs database.

Install logs:

GINFO: Validating SQL Server Info...

GINFO: Using connection string: Provider=SQLDB.1;Application Name=SEEMS Installer;Initial catalog=; Persist Security Info=False;Data Source=;Use Encryption for Data=False

GINFO: Error while connecting: -2147467259 - [DB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.


Endpoint Encryption Management Server 11.2.1 MP1 and prior versions


This issue is currently being reviewed by Symantec and will be resolved in the next major version of the software that is targeted for Summer 2019.  Subscribe to this article for updates on this issue.

As a workaround, it is possible to temporarily enable TLS 1.0, perform the install/upgrade; then once the installation is complete, TLS 1.0 can be disabled again.