The following warning appears while logging into Symantec Endpoint Protection Manager (SEPM):
Warning - Security Server Certificate is not present in your trusted store. Do you want to trust the certificate?
It appears every time when logging to SEPM console even after clicking on "Accept" or "Accept Always".
Following error is found in scm-ui.log:
STDOUT: LoginPanel> login>> Non smartcard based authentication. GUIManager INFO: GUIManager> login>> Setting up communicator. isSmartCardBasedAuth: false STDOUT: ConsoleSSLSocketFactory> loadCertificate>> Non certificate based login. STDOUT: CustomSSLSocketFactory> Is trustedCerts null ? : true, popup: true, isSmartCardAuth: false STDOUT: ServerCertUtil> readCreateStorePasswd>> Unable to read the Storepasswd from file: E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\conf\server.xml STDOUT: ServerCertUtil> getCertificate>> Error getting store path file. Exception: E:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\keystore.jks (Access is denied) STDOUT: ConsoleSSLSocketFactory> loadCertificate>> Default server certificate is null. STDOUT: UserCertStoreUtil.getCertificatedFromStore(). Error while loading cert store. deleting the cert store STDOUT: UserCertStoreUtil.getCertificatedFromStore(). cert store could not be deleted STDOUT: ConsoleSSLSocketFactory> loadCertificate>> Server certificate in userStore is null.
Permission issue on "keystore.jks" file.
Default Folder: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc
SEPM version 14.3 and above
Add the following users accounts to have Full Control access to 'keystore.jks' file: