Changing the SSL port assignment in Symantec Endpoint Protection Manager

Article:HOWTO81054  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81054
Article Type
How To


Subject


Changing the SSL port assignment in Symantec Endpoint Protection Manager

You may be required to change the default SSL port assignment if the default SSL port is not available.

You must first verify that the new SSL port that you choose is unused. If you change the port assignment after you deploy managed clients, you must perform an additional task. This task ensures that the clients can continue to communicate with Symantec Endpoint Protection Manager.

After you complete these procedures, you enable SSL in Apache.

To change the SSL port assignment on a new management server with no clients

  1. In the Symantec Endpoint Protection Manager console, on the Policies tab, click Policy Components > Management Server Lists.

  2. Duplicate the default management server list. Double-click the new list to edit it.

    See Copying and pasting a policy on the Policies page.

  3. Under Management Servers, highlight the server IP address entry for your management server, and then click Edit.

  4. In the Edit Management Server window, click Customize HTTPS port and then enter the new port number. Click OK.

  5. Repeat steps 3 and 4 for the computer name entry for your management server.

  6. Click OK.

To change the SSL port assignment on a management server with clients

  1. In the Symantec Endpoint Protection Manager console, on the Policies tab, click Policy Components > Management Server Lists.

  2. Double-click on the management server list that your groups and locations use. If you only have the default management server list, duplicate the default management server list. Double-click the new list to edit it.

    See Copying and pasting a policy on the Policies page.

  3. Under Management Servers, highlight the IP address entry for your management server, and then click Add > New Priority.

  4. Click the priority you created and then click Add > New Server.

  5. In the Add Management Server window, enter the server IP address, click Customize HTTPS port, enter the new port number, and then click OK.

  6. Repeat steps 4 and 5, except use the computer name entry for your management server.

  7. Click OK. If you did not edit a copy of the default management server list, go to step 9.

  8. Right-click the copy of the default management server list and click Assign, then assign it to every group and location.

    See Assigning a management server list to a group and location.

  9. Verify that clients receive this updated policy before you begin the next procedure.

    See Using the policy serial number to check client-server communication.

To change the SSL port in the configuration file

  1. In a text editor, open the following file:

    %SEPM%\apache\conf\ssl\sslForClients.conf

    Where %SEPM% is the Symantec Endpoint Protection Manager installation folder.

  2. Edit the following strings and replace the default of 443 with the new port number:

    Listen 443

    <VirtualHost_default_: 443>

  3. Save the file and close the text editor.

See Verifying port availability.

See Enabling SSL for the Apache web server for client communication.

See Configuring SSL between Symantec Endpoint Protection Manager and the clients.


Legacy ID



v57069683_v81626096


Article URL http://www.symantec.com/docs/HOWTO81054


Terms of use for this information are found in Legal Notices