search cancel

Certificate has been revoked error when browsing to Enforce UI

book

Article ID: 162084

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

This can be caused by problems with the certificates in the Tomcat keystore 
Default location and filename: SymantecDLP\Protect\tomcat\conf\.keystore
  Certificate has been revoked

Cause

In one case a production server certificate was imported into a test server keystore resulting in the test server keystore having two private/public key pairs.
Removing that certificate resolved the issue.

Resolution

Use the keytool located in SymantecDLP\jre\bin to view the certificates in the keystore and check for valid information i.e. host names, CA Root and Intermediaries, etc.
This will list the certificates and their alias from the keystore.
keytool -list -v -keystore pathto\.keystore

You can remove a certificate with the keytool
keytool -delete -alias CertAlias -keystore .keystore