ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Patch Metadata Import HTTPs Support for 8.1.x and 8.5.x

book

Article ID: 199422

calendar_today

Updated On:

Products

Patch Management Solution

Issue/Introduction

There are two situations covered in this article.

 

Situation 1: 

The current default location for Windows PM Import uses HTTP as seen below:

 

Starting on February 15, 2021, Broadcom will disable HTTP access to the SolutionSam site and will require use of HTTPs. Any access using HTTP will be redirected to HTTPS, and the remediation for the default location below may not be needed. In some cases this may not work and installation of the pointfix is needed

Note that HTTPs support using (TLS 1.2 and 1.3 only) was added previously, so you may install the applicable point fix below at any time. The default HTTP URL will redirect to HTTPs starting on February 15, 2021.

 

Situation 2: 

When using the custom location as seen above, we check the availability of the URL entered by the user, and this check is done using TLS 1.0, so if any modifications are made it will fail if TLS 1.0 is disabled in the environment, which for most customers will be the case as TLS 1.0 and 1.1 are deprecated. As such, customers will experience issues with modification of the Patch Import task properties (inability to save changes). 

Environment

Patch Management Solution 8.1.x and 8.5.x

Resolution

Note: In both of the situations below, log into the Notification Server as the APPID (Altiris Service Account) and run the executable as Administrator.

Situation 1: To change the default URL used for Patch Management Import data, run the applicable point fix for your version, either 8.1 or 8.5:

  • For 8.5:     8.5_PM_PF_EM-80640_v2_3Sep.zip (for all versions of 8.5) 
  • For 8.1:     8.1_PM_PF_EM-80640_v2_3Sep.zip (for all versions of 8.1)

These pointfixes will change the default location to use HTTPS instead of HTTP.

Note for customers on 8.0: Version 8.0 will be at full end-of-life on April 3, 2021 and no point fix is available. To continue after February 15, 2021, implement one of the changes below for situation two and use a custom location with HTTPS (https://www.solutionsam.com/imports/7_1/patch/windows/pmimport.cab)

 

Situation 2: If you use a custom location to direct to the HTTPS URL (https://www.solutionsam.com/imports/7_1/patch/windows/pmimport.cab), do one of the two options below.

You can run the attached pointfix below applicable to your version and release update level. After installing you can modify the URL to use a custom HTTPS.  

  • For 8.1 POST RU7:     Patch_8_1_POST_RU7_v6_1Sep.zip
  • For 8.5 POST RU2:     Patch_8_5_POST_RU2_v2_1Sep.zip
  • For 8.5 POST RU3:     Patch_8_5_POST_RU3_v1_1Sep.zip
  • For 8.5 POST RU4:     Patch_8_5_POST_RU4_v2_1Sep.zip

 

Alternatively, follow Microsoft’s guidance to enable TLS1.2:  
Microsoft suggests enabling TLS1.2 through registry entries see the following Microsoft article for more information: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client

Additional Information

199465  "SIM is no longer able to download files over HTTP requests"

Attachments

1610400673604__Patch_8_5_POST_RU4_v2_1Sep.zip get_app
1610400662132__Patch_8_5_POST_RU3_v1_1Sep.zip get_app
1610400646838__Patch_8_5_POST_RU2_v2_1Sep.zip get_app
1610400448274__Patch_8_1_POST_RU7_v6_1Sep.zip get_app
1600122901165__8.1_PM_PF_EM-80640_v2_3Sep.zip get_app
1600122641760__8.5_PM_PF_EM-80640_v2_3Sep.zip get_app