When trying to install a self signed certificate on the advanced tab of the targeted agent settings page you receive the following error.
The Extended Key Usage information is present and it indicates that the certificate does not support client authentication.
This error will be shown if you have created your own self signed certificate with IIS and are not using the one that Symantec creates during installation. When you create a self signed certificate with IIS the default is only a Server Authentication certificate, the self signed certificate created by Symantec during installation handles both Server Authentication and Client Authentication. You can see this if you open the certificate with MMC (Microsoft Management Console) and load the certificate snap-in. After opening the certificate click on the details tab and look for the Enhanced Key Usage field and you should see "Client Authentication (220.127.116.11.18.104.22.168.2)". If the certificate does not contain this field you will get the error.
Use the self signed certificate that was created with the installation of the product or create a new certificate with the appropriate fields.
Imported Document ID: TECH226478
Subscribing will provide email updates when this Article is updated. Login is required.