ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Endpoint Protection 14.3 version doesn't get installed.

book

Article ID: 199011

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

SEP 14.2 RU2 MP1 gets installed however, when we install 14.3 it fails.

Cause

System doesn't had "Verisign Universal Root Certification Authority"

ccIPC.dll is the first broadcom dll that gets loaded after ccVerifyTrust.dll. In order to load this dll, ccVerifytrust makes use of WinTrust to verify the signature chain. The timeout is  happening during the verification of this dll.  

Powershell cmdlet "get-childitem cert:\ -recurse" might be of use.

Sep_inst log:

LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\AvPluginImpl.dll to C:\Users\ADMINI~1\AppData\Local\Temp\LAE925B.tmp received 0x2
LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\ccGEvt.dll to C:\Users\ADMINI~1\AppData\Local\Temp\LAE925C.tmp received 0x2
LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\ccGLog.dll to C:\Users\ADMINI~1\AppData\Local\Temp\LAE925D.tmp received 0x2
LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\ccIPC.dll to C:\Users\ADMINI~1\AppData\Local\Temp\LAE925E.tmp received 0x2
LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\ccLib.dll to C:\Users\ADMINI~1\AppData\Local\Temp\LAE925F.tmp received 0x2
LinkAllExecutables Could not move C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Cached Installs\Program Files\Symantec\Name\Version\Bin64\ccScanw.dll t


.......
MSI (s) (64:90) [18:17:17:231]: Executing op: ComponentRegister(ComponentId={74CF2414-BCBD-4D41-BAC3-5A0B75C9E6CE},KeyPath=C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Bin\ccIPC.dll,State=3,,Disk=1,SharedDllRefCount=0,BinaryType=0)
MSI (s) (64:90) [18:17:17:231]: WIN64DUALFOLDERS: Substitution in 'C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Bin\ccIPC.dll' folder had been blocked by the 1 mask argument (the folder pair's iSwapAttrib member = 0).
MSI (s) (64:90) [18:17:17:231]: Executing op: ComponentRegister(ComponentId={D8B64F14-09E9-4267-A848-0423C1BE4E88},KeyPath=E:\,State=3,,Disk=1,SharedDllRefCount=0,BinaryType=0)
MSI (s) (64:90) [18:17:17:231]: Executing op: ComponentRegister(ComponentId={A31E46F5-90F1-4D6B-878D-03DB77708CE8},KeyPath=C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Bin\ccJobMgr.dll,State=3,,Disk=1,SharedDllRefCount=0,BinaryType=0)
..........

Environment

System doesn't have internet connection.

Resolution

After updating the certificate issue got resolved.

These are the list of certificates for 14.3.558, which should help. Please note that not only the 'Trusted root certification store' but the 'intermediate Certification Authorities' are also required to avoid any kind of problems during verification of certificate chain.

<< Trusted Root Certification Authorities\Certificates>>   
=================================================================
  PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\Root

Certificate:

CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, S=Western Cape, C=ZA
CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust N...
CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="Ve...
CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

<< Intermediate Certification Authorities\Certificates >>
=================================================================  
   PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\CA

Certificate:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=GlobalSign Timestamping CA - G2, O=GlobalSign nv-sa, C=BE
CN=Symantec Time Stamping Services CA - G2, O=Symantec Corporation, C=US
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc...
CN=DigiCert Assured ID CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
CN=Symantec Class 3 SHA256 Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

 

Additional Information

https://knowledge.broadcom.com/external/article?legacyId=tech218029 - Certificate error when installing, upgrading, or removing Endpoint Protection