Certificate error when launching DLP Enforce console login

book

Article ID: 169676

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

Attempting to bring up Enforce console login page and getting the following error.

There is a problem with this website's security certificate.
 

The security certificate presented by this website was issued for a different website's address and the security certificate presented by this website was not issued by a trusted certificate authority.

 

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

 

We recommend that you close this webpage and do not continue to this website.

Cause

The system the user is accessing Enforce console login from does not trust the certificate in tomcat folder.

Resolution

Two options to fix:

  1. Manually verify/fix this via the web browser. This will need to be done with all web browsers, from every system used to access the Enforce console login.
    OR
  2. The following KB should resolve this as well - https://support.symantec.com/en_US/article.TECH221433.html


If the issue still persists, you may need to perform the following:

  • Download the JKS with the Private Key included not including the root chain. 
  • Install the Root CA into the cacerts keystore withing /jre/lib/security/cacerts
  • Point server.xml within /opt/SymantecDLP/Protect/tomcat/conf/server.xml to the JKS file that was generated from Venafi


 
 

Attachments