Endpoint Protection

Hello support,

This problem has been address before and I already know why it occures.

its “Symantec Management Client” service which Symantec End point uses to validate a Self-signed Certificate for Client-server communication. Windows attempts to find the trusted root for the certificate, and cannot find one, it then tries to connect to Microsoft update server to find trusted certificate authority. Since these machines do not have access to Internet, results in Crypt 32 application error log.

My question is the following, is there any setting within SEPM 11 that will remove this event?

In the Clients section, under the Policies tab, under settings there's General Settings. There under the Security Settings tab, the last option says Enable secure communications between the management server and clients by using digital certificates for authentication

I disabled that and re-installed the client software on the client computers but the event still appears.

The solution is installed in a closed network without internet connectivity, and we prefer to find an option within SEPM11 that will stop that CRYPT32 event error from appearing.  Is it possible?

Thanks.

Title: 'Event ID 8 notification about crypt32 seen in Application log after installing Symantec Endpoint Protection 11.0.5 client
'
Document ID: 2008101609211848
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008101609211848?Open&seg=ent

Re-read my question please.

The solution is installed in a closed network without internet connectivity, and we prefer to find an option within SEPM11 that will stop that CRYPT32 event error from appearing.  Is it possible?
---In SEPM there is no such option , from wheer you can stop this error from appearing

Go to Add/Remove Programs ---> Add/Remove Windows Compnents

Scroll down until you see Update Root Certificates

Uncheck to uninstall and the error will stop

Not available thru SEPM that I know of as I've had this for some time now.

Thanks I was aware that I can disable the Update Root Certificates component.

I'm really curious why Enable secure communications between the management server and clients by using digital certificates for authentication doesn't do a thing.

Cheers

I think that error is related to the program as a whole, meaning Windows tries to go out to MS Update to download the list to verify SEP is legit.

I'm not sure what the setting you mention means exactly, probably to verify communication between SEPM and client.

I think, Brian81 is correct. The error is realted to computer , not  being  able to update  its  root  certificate, as  it  does not  have  internet  connection.
The  setting, in SEP is  for communication between  SEP client, and  server.

As far as I know this is related to the internal communication of SEP clients with SEPM.SEP clients will use a certificate to get it authenticated to it's server and the client will get this certificate from it's sylink file...

refer
http://support.microsoft.com/kb/317541 

The KB (always same number) KB931125 where you can download the "stand-alone" Root certifcate update for Windows XP.

You indicated you did not want to "disable the feature" in add/remove programs.  You can download directly from the source and integrate into your network and deploy. 

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e4f9b573-66d7-4dda-95d5-26c7d0f6c652
- May 2010
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f5eff286-5412-4d7f-81b2-3a1418a4f8b9
- August 2010.

Unfortunately, Microsfot's site for directly downloading these and searching via the KB is generally defunct. 

The best way to obtain those you require, I.E. latest versions, is to navigate directly to
Micorsot.com/downloads and use the search feature for "Root Certificate + OS"

I've exactly the same problem. In all machines (client and server) that I have upgrade to the latest SEP version the error event 8 appear.

I don't think it's a MS problem because before the upgrade of SEP all are works fine.

I've spend about a day to check, find and try various solutions but no one is really usefull.

The very last chance is to remove the MS component "Update Root Certificates" and, I find it, it's crazy to disable a Windows component after an upgrade of Symantec product.

 

Thanks in advance to the Symantec support to find a really solution.

This subject has been covered in many threads. This is not a Symantec problem. The client code was changed to comply to MS standards. It's functioning as designed.