Unable to log into the SEPM , with ""Unexpected error 0x1001000" displayed.
Additionally, reporting.log located at "%Program Files%\Symantec\Symantec Endpoint Protection Manager\Apache\Logs" will show the following:
2021-06-25 13:31:32 ERROR:fatal error at login: \rEXCEPTION block1: Error message: <b>Source:</b> Microsoft OLE DB Provider for ODBC Drivers<br/><b>Description:</b> [Microsoft][ODBC Driver 13 for SQL Server]SSL Provider: The target principal name is incorrect.
\rError code: -2147352567\rFile and line: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Php\Include\Common\ado.php(95)\r
2021-06-25 13:31:33 ERROR:could not find valid username in session
2021-06-25 13:31:33 ERROR*:request verification failed - file=homepage.php, referer=*
2021-06-25 13:31:33 INFO:Ssl client verification not successful so not getting the client certificate
2021-06-25 13:31:34 INFO:Ssl client verification not successful so not getting the client certificate
2021-06-25 19:30:43 INFO:Login start
2021-06-25 19:30:43 ERROR:warning: error at login. will retry once. error message : <b>Source:</b> Microsoft OLE DB Provider for ODBC Drivers<br/><b>Description:</b> [Microsoft][ODBC Driver 13 for SQL Server]SSL Provider: The target principal name is incorrect.
The issue is with a broken communication link between the web server (meaning php running on Apache) and the database. In this case the certificate presented by the database cannot be trusted due to the Target Principal name being invalid.
In an embedded SQL Express database, SEPM is configured to connect to the database with the host name. If, for example, the certificate used by the database has only the IP address in the CN, then it will not be able to verify the certificate.
SEPM with an embedded database, likely with a custom SSL certificate. Either configured with only IP addresses, or customized to work within a dmz.