Manual submissions from SEDR to a local CASMA return ERROR_PROXY_CERT

book

Article ID: 210657

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

After configuring Symantec Endpoint Detection and Response (SEDR) to use a local CAS, attempts to submit to files to the local CASMA fail returning "ERROR_PROXY_CERT".

Cause

There is a proxy server that is inspecting and decrypted TLS traffic that prevented the SEDR appliance from validating a license file successfully.

Resolution

Contact Broadcom Technical Support for assistance re-validating the license, and discontinue the use of a proxy that performs TLS inspection and decryption of traffic between the SEDR appliance and Broadcom back-end servers.

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-detection-and-response/4-5/about-v96380626-d38e6/proxy-recommendations-v119901266-d38e6441.html