search cancel

Endpoint Protection clients fail to communicate with SEPM due to certificate error

book

Article ID: 175269

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) clients fail to communicate with the Symantec Endpoint Protection Manager (SEPM). When viewing the status in the SEPM under Clients → Tasks → Clients tab → View: Client status, the "Last Update Status" field shows as recent for the impacted clients. However, the SEP clients do not receive policy updates, nor do they upload logs to the SEPM. 

 

[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider Begins
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider: Likely duplicate detected in building cert list.
[2019-Jun-26 12:59:18.194480] [DEBUG] CertificateProvider Finished
[2019-Jun-26 12:59:19.058754] [ERROR] Verify signature failed.
[2019-Jun-26 12:59:19.058754] [INFO ] Heartbeat failed
[2019-Jun-26 12:59:19.058754] [DEBUG] Heartbeat status: [complete: true] [successful: false]
[2019-Jun-26 12:59:19.059748] [ERROR] Heartbeat failed with error SignatureException

Cause

The issue is likely related to an issue with the Sylink.xml file, or certificate on the client. 

Resolution

To resolve the issue, replace the Sylink.xml with a known good copy. 

For more information on replacing the Sylink.xml, reference: How do I replace the client-server communications file on the client computer?