Symantec Endpoint Protection Manager unable to update over https from distribution center configured in Internet Information Services (IIS)
Article ID: 224584
Updated On:
Products
Issue/Introduction
Symantec Endpoint Protection Manager unable to update over https from distribution center configured in Internet Information Services (IIS) as per Article : 152461
From Lux.log:
20:43:36.329689 [Component List - END]
20:43:36.330687 [Session Initialization - START]
20:43:36.743717 Result code: 0x00010000
20:43:36.743717 Component Status Changes:
20:43:36.744711 None
20:43:36.744711 [Session Initialization - END]
20:43:36.745718 [Inventory Synchronization - BEGIN]
20:43:39.134901 Result Code: 0x00010000
20:43:39.134901 Result Message: OK
20:43:39.134901 Component Status Changes:
20:43:39.134901 None
20:43:39.135893 [Inventory Synchronization - END]
20:43:39.135893 [Server Selection - START]
*20:43:39.313904 Result Code: 0x80010830
20:43:39.314917 Result Message: FAIL - failed to select server*
20:43:39.314917 [Server - START]
20:43:39.314917 Host ID:
{4379D8E9-D658-40C7-B15B-717D81F104D0}
20:43:39.314917 Status Code: 1
20:43:39.314917 Status Message: Server was not selected
*20:43:39.315917 Transport Return Code: 0x80010732
20:43:39.315917 Transport Return Message: FAIL - file not found
20:43:39.315917 Protocol: HTTPS
Packet capture: With Self signed certificate
Connection failure during TLS handshake with Unknown CA error (IIS certificate is imported to Trusted Root CA Authorities in SEPM Server).
Cause
- Self signed certificate
- "Request filtering" enabled and extensions required to downloaded for LUA content not in ALLOW list.
Environment
Release : LUA 2.3.9
Component : NA
Resolution
- Use CA Signed certificate instead of Self signed certificate
- Add extensions as per Article ID : 223686 to ALLOW list of "Request filtering" in IIS
Additional Information
Attachments
Feedback
