Administrators attempting to log in to the SEP Manager receive an "Unexpected Server Error"
SCM-Server-x.log shows the following errors:
java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "NotAfter: Mon Jan 01 00:00:00 EDT 2000". ClientConnectionId:xxxxxxxxxxxxxxxxxxxxxxx)
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "NotAfter: Mon Jan 01 00:00:00 EDT 2000". ClientConnectionId:xxxxxxxxxxxxxxxxxxxxxxxx
14.3 RU1 and later
SQL Certificate has expired, causing handshake errors when communicating via SSL
The following steps can be taken to correct the issue with a self-signed certificate.
Note:
Sometimes modifying root.xml doesn't disable the TLS between SEPM and the database, and the user has to use SetSQLServerTLSEncryption.bat script under *:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Tools\
The usage instructions of this tool can be found in *:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Tools\SetSQLServerTLSEncryption.html