search cancel

Certificate has been revoked error when browsing to Enforce UI


Article ID: 162084


Updated On:


Data Loss Prevention


This can be caused by problems with the certificates in the Tomcat keystore 
Default location and filename: SymantecDLP\Protect\tomcat\conf\.keystore
  Certificate has been revoked


In one case a production server certificate was imported into a test server keystore resulting in the test server keystore having two private/public key pairs.
Removing that certificate resolved the issue.


Use the keytool located in SymantecDLP\jre\bin to view the certificates in the keystore and check for valid information i.e. host names, CA Root and Intermediaries, etc.
This will list the certificates and their alias from the keystore.
keytool -list -v -keystore pathto\.keystore

You can remove a certificate with the keytool
keytool -delete -alias CertAlias -keystore .keystore