Unable to login to Endpoint Protection Manage API
search cancel

Unable to login to Endpoint Protection Manage API

book

Article ID: 271995

calendar_today

Updated On:

Products

Endpoint Security Complete Endpoint Detection and Response Endpoint Protection

Issue/Introduction

Not able to add Symantec Endpoint Protection Manager (SEPM) controller to the Symantec Endpoint Detection & Response (SEDR)

If we login to SEPM API e.g: https://<SEPMIP>:8446/sepm/

EDR logs:

Central Manager;
 
2023-08-09 08:42:09,278 ERROR org.springframework.scheduling.concurrent.ScheduledExecutorFactoryBean#0-10 (GetDomains.java:getSepmDomains:122) Failed to retrieve domains from <<SEPMIP>>:8446, 400 - InboundJaxrsResponse{ClientResponse{method=GET, uri=https://<SEPMIP>:8446/sepm/api/v1/domains, status=400, reason=}}
 
Atpapp log:
 
2023-08-09 09:06:38,446 ERROR http-nio-127.0.0.1-8010-exec-12 (CentralManagerServiceImpl.java:validateSepm:5092) Error when trying to connect to SEPM. Exception : {"errorCode":"500","appErrorCode":"","errorMessage":"Internal Server Error"}:name=EROR_SEPM_INTERNAL_ERROR, description=SEPM internal error
com.symantec.atp.central_manager.rmi.exception.SepmCommunicationException: {"errorCode":"500","appErrorCode":"","errorMessage":"Internal Server Error"}:name=EROR_SEPM_INTERNAL_ERROR, description=SEPM internal error

From semapisrv_log.*.log

2023-08-09 18:40:55,574 [HubInstallTask] WARN  c.s.s.c.d.mydbcp.SepmBasicDataSource - Could not connect to the database, wait for 1 second to retry... caller: getConnection 
2023-08-09 18:40:56,574 [HubInstallTask] DEBUG c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource >> executor: 733863480, borrowing connection, connectionBorrowTimeout: 60000, maxWaitMillis: 30000, MaxTotal: 20, MaxIdle: 10, NumActive: 0, NumIdle: 0. 
2023-08-09 18:40:56,590 [HubInstallTask] DEBUG c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource >> executor:733863480, Connection borrowed: null! 
2023-08-09 18:40:56,590 [HubInstallTask] WARN  c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource> handleSQLException>> retryCount: 20 
2023-08-09 18:40:56,590 [HubInstallTask] WARN  c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource> handleSQLException>> errorCode: 0 
2023-08-09 18:40:56,590 [HubInstallTask] WARN  c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource> handleSQLException>> sqlState: null 
2023-08-09 18:40:56,590 [HubInstallTask] WARN  c.s.s.c.d.mydbcp.SepmBasicDataSource - SepmBasicDataSource> handleSQLException>> cause: java.util.concurrent.ExecutionException: java.sql.SQLException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty". ClientConnectionId:34efbef3-b071-4e17-a69f-13db898123d7)

Environment

EDR version : 4.8.0

SEPM version: 14.3 RU7

Cause

While SEPM upgrade "trustServerCertificate" is false in the file <SEPM>\tomcat\instances\sepm-api\conf\Catalina_WS\localhost\jdbc.properties. However, in root.xml trustServerCertificate was true.

jdbc.password=<PASSWORD>
jdbc.username=DBA
jdbc.connectionInitSqls=SELECT 1
jdbc.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
jdbc.url=jdbc:sqlserver://SEPMIP:2638;instanceName=SQLEXPRESSSYMC;databaseName=sem5;integratedSecurity=false;encrypt=true;trustServerCertificate=false;;useUnicode=yes;characterEncoding=utf8;

Resolution

Follow the below steps:-

1. Edit <SEPM>\tomcat\instances\sepm-api\conf\Catalina_WS\localhost\jdbc.properties
2.Change trustServerCertificate to true
3. Restart all SEPM services

 

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/upgrading-to-a-new-release-v14510472-d27e6/Configuring-encryption-communication-between-SEPM-and-SQL-Server.html

 

Powered by Wolken Software