Symantec Endpoint Protection (SEP) clients are configured to download definitions from a LiveUpdate Administrator (LUA) over HTTPS. The downloads fail with:
* Failed to connect to HTTPS server
* Error statement:
>> Server certificate CN was invalid.
* Error code 0x00000010, File: minitri.flg
Server selection failed for server HTTPS://<Server>/clu-prod on port 7073.
The SSL certificate on the LUA server does not have a Subject or SAN that matches the specified internal LiveUpdate server configured in the policy. For example: The policy uses an FQDN, but the certificate only has the short hostname.
Release : 14.2.1+
Reconfigure the LiveUpdate settings policy to use a hostname, FQDN, or IP that matches one of the entries defined in the Subject or SAN of the LUA's SSL certificate.