Upgrade SEC 5.5.0 to SEC 5.5.2 failed

Hi Everyone,

Currently we are having an upgrade issue with the existing implementation as listed below for reference. I would be grateful if you could help us with the upgrade or share your experience. We have checked KB and could not find the issue or root cause of SQL instance not supporting TLS 1.2. Thank you

Sophos Infrastructure
SEC Server : Windows OS 2012 R2 Data Center & SEC Version : 5.5.0.
Database Server : Windows OS 2012 R2 Data Center Database SQL 2012 Standard.

Troubleshooting & Guide:

Microsoft KB: support.microsoft.com/.../kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe
Sophos KB: support.sophos.com/.../KB-000036975


Customer Database Server information:

  • Hello AzwanArif,

    please permit some questions.

    Why do you need to upgrade? Windows Server 2012 R2 is good until after SEC's EOL so why touch the setup now?.5.5.2 is out for quite a while and if 5.5.0 was fine for you since then there's IMO no need to upgrade.

    You mention a SEC and a Database Server but the verifier seems to check the local SQL instance. Is the database local or remote?

    You do have a certificate for SQL Server?


  • Hi

    Customer is using SEC 5.5.0 with remote database. Due to version 5.5.0 is EOL including issue with SUM version 1.7.2 issue. Customer is advised by support to upgrade latest version 5.5.2.

    Customer didn't have a certificate for SQL server. they will be using custom standalone certificate (domain certificate is best practice since they using domain account for the SEC & DB communication?) as KB below suggest.

    Sophos KB: https://support.sophos.com/support/s/article/KB-000037979

  • Hello AzwanArif ,

    SUM version 1.7.2
    wasn't aware that there's still development for SUM and RMS.

    they will be using custom standalone certificate
    not sure if I understand correctly: They already have the certificate but the CheckDBConnection.exe fails (as shown in the cmd-window screenshot) when run on the Database Server?