Endpoint Protection

 View Only

  • 1.  SEPM SSL certificates

    Posted Nov 14, 2018 10:49 AM

    I need inforation for SEPM 14.2.

    In my client environment we have a request to use PKI certificates for SSL communication.

    I need to know the requirement which i need to share with the certificate Administrator. I need the Key usage and Enhanced key usage information like the one below for SEPM certificates.

    Key Usage

            Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment (f0)

     Enhanced Key Usage

            Server Authentication (1.3.6.1.5.5.7.3.1)

     

    Apart from this do i need to provide any other information.

    And after getting the Certificate how do i update the certificate in to SEPM.

     

    Thanks in advance.



  • 2.  RE: SEPM SSL certificates

    Trusted Advisor
    Posted Nov 15, 2018 04:00 AM

    See the below links for certificate information

    About Certs

    https://support.symantec.com/en_US/article.HOWTO81145.html

    Best Practices

    https://support.symantec.com/en_US/article.HOWTO81061.html

    Updating Restoring a cert

    https://support.symantec.com/en_US/article.HOWTO81146.html



  • 3.  RE: SEPM SSL certificates

    Posted Nov 15, 2018 11:44 AM

    You can grab all these details from your SEPM's existing cert.  A good place to look for these would be under "X:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup" on your SEPM.  Just drill down the folder structure and until you find the cert.

    You might also want to look at the below article too:

    https://www.symantec.com/docs/TECH212432

    This seems to suggest you outright replace the SEPM's certs, instead of getting the SEPM to generate a CSR.

    Make sure you read the article and its links in full, as changing the cert will break client communications, unless probperly managed.