Recently, some users of Broadcom Endpoint Detection and Response (EDR) have encountered an issue where the system is unable to locate the Symantec Endpoint Protection Manager (SEPM) groups.
Even though the correct credentials are used SEPM query result is empty.

This issue is highlighted in the logs with a specific error related to SSL communication.
Error Logs
The error message in the log states:

2024-07-18 12:18:08,102 ERROR RMI TCP Connection(567)-127.0.0.1 (SepmRestApi.java:simpleRequest:440) Failed to get a response from the requested SEPM. Exception details : javax.net.ssl.SSLHandshakeException: Certificates do not conform to algorithm constraints
javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: Certificates do not conform to algorithm constraints 

Problem Diagnosis
The SSLHandshakeException: Certificates do not conform to algorithm constraints error indicates a problem during the SSL handshake due to the SSL certificate not meeting algorithm constraints. Specifically, the SEPM certificate uses a 1024-bit key, which may not be considered sufficiently secure under current security policies, particularly where 2048-bit keys are required.

Here the steps to "Update the server certificate on the management server without breaking communications with the client"
https://knowledge.broadcom.com/external/article/187099/update-the-server-certificate-on-the-man.html

Note.
Open a case with Broadcom if you need assistance with certificate replacement