The default certificate incorporated into the installation of Symantec Mail Security for Microsoft Exchange (SMSMSE) 7.9.0 & 7.9.1 is no longer being treated as valid when communicating via HTTPS to the LiveUpdate servers to retrieve virus definitions.

During a packet trace / capture of the communication between SMSMSE and the Liveupdate servers the following message is returned:

Alert (level: Fatal, Description: Unknown (CA)

To resolve the issue download and implement the hotfix provided within this article.

Steps to implement hotfix:  (Note: This fix is applicable on SMSMSE 7.9.0 and SMSMSE 7.9.1 only)

1)  Automated hotfix deployment method:

Note: Running the Powershell script will generate a log showing changes and a folder containing a backup of the original files that were replaced.

1. Download 4243557_HF.zip attached to this article.
2. Extract the content of the ZIP to a working directory on the server SMSMSE is installed to.
3. Open Windows Powershell (as administrator).
4. Change directory to the working directory containing the extracted hotfix files.
5. Run ApplyHF.ps1  (.\ApplyHF.ps1)

2) Manual hotfix deployment method:

1. Download 4243557_HF.zip attached to this article.
2. Extract the content of the ZIP to a working directory on the server SMSMSE is installed to.
3. Backup "luxds.dat" from <InstallDir>:\SMSMSE\7.9\Server\definitions
4. Delete "luxds.dat" from following locations;
    a. <InstallDir>:\SMSMSE\7.9\Server\definitions
    b. <InstallDir>:\SMSMSE\7.9\Server\definitions\AntiVirus
    c. <InstallDir>:\SMSMSE\7.9\Server\definitions\Reputation\dwnlds\revoc
    d. <InstallDir>:\SMSMSE\7.9\Server\definitions\Reputation\dwnlds\symvt
    e. <InstallDir>:\SMSMSE\7.9\Server\definitions\Reputation\dwnlds\tiset
5. Copy "luxds.dat" from Hot fix to <InstallDir>:\SMSMSE\7.9\Server\definitions