Thumbprint mismatch error in the Symantec Management Agent logs
search cancel

Thumbprint mismatch error in the Symantec Management Agent logs

book

Article ID: 164782

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

You have verified the Internet Gateway Managers, and the CEM policy settings (e.g. certificate thumbprints) are configured correctly, but external Cloud-enabled Management (CEM) Symantec Management Agents are not able to communicate with the Symantec Management Platform server.

Symantec Management Agents logs:

Operation 'CEM: Connect' failed.
Protocol: HTTPS
.....................
...........
....
.......
Error type: TLS Handshake error
Error code: The certificate chain was issued by an authority that is not trusted (0x80090325)
Error note: '<FQDN>' server's certificate is not valid, thumbprint mismatch

Environment

You have more than one Cloud-Enabled Management Gateway.

Resolution

Check that the FQDN CEM Gateway is externally resolvable. Check as well if the domain name does not match the certificate. If that is the case, it is recommended to work with your network team to determine if a network routing or DNS issue exists.