Certificate mismatch errors are displayed in the Console after restoring previous encryption certificates to existing Symantec Endpoint Protection Manager (SEPM) servers.
2023-05-18 16:12:40.222 THREAD 93 WARNING: ReplicationHandler>> getRemoteSite:Got a mismatched certificate from remote server {x.x.x.x}
2023-05-18 16:12:40.222 THREAD 93 INFO: ReplicationHandler>> Cert of remote server {x.x.x.x}
This issue is most likely to occur after a disaster recovery is performed on one or more SEPM replication partners and a replication occurs before the encryption certificates are restored.
The encryption certificate information stored in the SEPM database about its replication partner does not match the replication partner's current certificate. When the certificate is manually accepted, it is stored in memory. It is not updated in the database until a replication occurs between the two sites.
To ensure both SEPM Sites trust each other's certificates verify that both the certificates have been manually trusted.
Then immediately perform a replication to ensure the latest certificate information is stored in each site's database.