Clients are unable to connect to SEPM - ersecreg error: Data invalid - Unable to parse decrypted data


Article ID: 197304


Updated On:


Endpoint Security Complete


Clients are unable to connect to SEPM after adding a replication server, or new SEPM to the environment. 

ersecreg-a.log example:  
08/10 05:02:43 [461336:466208] 4 Bad format. 
08/10 05:02:43 [461336:466208] 
08/10 05:08:10 [461336:457880] <CHttpReg::ProcessReq> [] Processing Reg request from Client,TotalRegistrationsProcessed: 1 
08/10 05:08:10 [461336:457880] <CHttpReg::ProcessReq> Post Data ContentLength = 2272, Configured MaxPostDataLength = 8192. 
08/10 05:08:10 [461336:457880] <CHttpReg::ParseData> Data invalid - Unable to parse decrypted data: ¾[email protected]<ý¹ˆ®$"ÖÙ]){t«=ƒô"C”ÐÍZø¥kÃ`e’›œ0nŒ¿óӘ쑒T(w+h€|«OÊôýòvߧÅ`ÙF­    yò‡•iz¯â¹â¼—92§âõ„°Ÿ“Œéày6äK@ÒÇMf¸» C*×ÁDpåÉò-[:G*    oͧ*«Ld‘1

Secars,hello test on clients fail. 


New server replicated incorrect KCS values.

Verify server KCS values. If it is found that the client's sylink, and the sylink found in %Program Files%\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent are the same, however the KCS value in the are incorrect, follow the resolution in this article. 


  1. Stop the SEPM services.
  2. Create a copy of the file located here: %Program Files%\Symantec\Symantec Endpoint Protection Manager\Tomcat\etc to another location.
  3. Look for the KCS entry in the file.
  4. Replace this entry with the correct entry from another SEPM, or the KCS value found in the clients sylink. 
  5. Once replaced save the file, then cut and paste the new file to back to: %Program Files%\Symantec\Symantec Endpoint Protection Manager\Tomcat\etc
  6. Choose "replace" when prompted that another file with the same name exist. 
  7. Start the SEPM services