After enabling TLS (Transport Layer Security) version 1.1 or 1.2, the clients in your environment become disconnected with the following error: InitializeSecurityContext error while client handshake: The client and server cannot communicate, because they do not possess a common algorithm (0x80090331). If you revert back to using TLS 1.0, communication functions as normal.
InitializeSecurityContext error while client handshake: The client and server cannot communicate, because they do not possess a common algorithm (0x80090331)
Transport Layer Security (TLS) is not completely enabled on the Symantec Management Platform server. Allow agent and server to both use the same TLS algorithms. This is often caused by the agent profile only having TLS 1.0 checked and the agent operating system only allowing TLS 1.2.
Windows Server 2008 R2 and possibly Window Server 2012
Reference Microsoft article: https://technet.microsoft.com/en-us/library/dn786418.aspx
You will notice this article indicates that you need to create a registry key for TLS version 1.1 or/and 1.2 based upon your desired protocol. While the article also references TLS 1.0, errors are not experienced when using 1.0.
As per the linked Microsoft article, on your SMP, open the registry and do the following:
To verify this you should reference the following registry key to make sure it exists:
Additional Microsoft Forum posts with resolution possibilities: