search cancel

How to configure Protection Engine to use HTTPS for LiveUpdate


Article ID: 207623


Updated On:


Protection Engine for Cloud Services Protection Engine for NAS Protection for SharePoint Servers


How to configure Symantec Protection Engine (SPE) to use HTTPS for LiveUpdate instead of HTTP.


There are two methods to change the LiveUpdate settings; Centralized console, or xmlmodifier.

To change the LiveUpdate protocol to HTTPS via the Centralized Console

  1. Open the centralized console, and navigate to the Policies tab.
  2. Select the policy to be changed and click the Edit button.
  3. Select the System tab, scroll to the bottom of the page, and expand the LiveUpdate Settings section.
  4. Under Protcol enter https
  5. Under Port enter 443.
  6. Click Save

LiveUpdate will now use the HTTPS protocol for any servers/groups with this policy applied.

To change the LiveUpdate protocol to HTTPS via xmlmodifier

  1. Open a command prompt, and navigate to the SPE install directory.
    Default on Windows:  cd C:\Program Files\Symantec\Scan Engine.
    Default on Linux: cd /opt/SYMCScan/bin.
  2. Run the command xmlmodifier -s /liveupdate/UpdateServer/Protocol/@value https liveupdate.xml
  3. Run the command xmlmodifier -s /liveupdate/UpdateServer/Port/@value 443 liveupdate.xml
  4. Restart the Symantec Protection engine service.
    For Windows, net stop symcscan, followed by net start symcscan
    For Linux, /etc/init.d/symscan restart

After taking these steps, LiveUpdate will now use HTTPS for communications to Symantec servers.