If your SEPM and environment do allow TLS 1.0, the following additional SSLCipherSuite changes will be necessary:
Navigate to drive:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\conf\ssl\sslForClients.conf, and open it with a text editor, such as Notepad.
Locate the following text: SSLCipherSuite HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:3DES:!RC4
Replace this text with the following: SSLCipherSuite HIGH:-MEDIUM:!LOW:!aNULL:!eNULL:3DES:!RC4:DES-CBC3-SHA
Save the changes and close the file.
Restart the Symantec Endpoint Protection Manager services:
Symantec Embedded Database
Symantec Endpoint Protection Launcher
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager Webserver
Warning: This configuration uses a lower-strength cipher that is compatible with Windows XP / Server 2003. Therefore, the configuration lowers the security profile of the Symantec Endpoint Protection Manager compared to one that is not configured to accommodate these operating systems.
Subscribing will provide email updates when this Article is updated. Login is required.