Symantec Endpoint Protection Manager 12.1 Release Update 2 Java remote console fails Java certificate checks

Article:TECH199942  |  Created: 2012-11-20  |  Updated: 2012-12-17  |  Article URL
Article Type
Technical Solution


You recieve the error message "Failed to validate certificate." when attempting to launch the Java Symantec Endpoint Protection (SEPM) Remote Console after migrating or installing SEPM 12.1 Release Update 2 (RU2).


Application error: "Failed to validate certificate."

Clicking Details opens a more verbose error which includes the following: "InvalidKeyException: Wrong key usage".


This error is caused by a problem in the version of Oracle Java bundled with the SEPM. The problem is described in the following Oracle articles: 7197652 : Impossible to run any signed JNLP applications or applets, OCSP off by default and 7198537 : Certificate validation fails with error "Wrong key usage".


Java 1.7 Update 10 resolves this issue.  If upgrading to Java 1.7 Update 10 is not an option use the following workaround:

To disable online certificate validation

  1. Click Start>Control Panel
  2. Open the Java (32-bit) control panel
  3. Click Advanced>Security>General
  4. Uncheck Enable online certificate validation

Article URL

Terms of use for this information are found in Legal Notices