You have configured encrypted communication between the Enforce and the oracle server via a jdbc connector as per chapter 5 of the:
Data Loss Prevention Installation Guide for Windows
Last updated: 31 July 2018
However, on completion the Enforce console does not load.
Tomcat logs (C:\ProgramData\Symantec\Data Loss Prevention\Enforce Server\15.1\logs\tomcat) show:
WARNING [com.vontu.util.jdbc.JDBCTestConnection] Cannot connect to database
java.sql.SQLRecoverableException: IO Error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
DLP 15.1, 2 or 3 tier installation on Windows
The documentation version referenced above does not have the correct path for the keytool.exe
If you run the command as it is written in the documentation from the bin folder where the keytool.exe actually is and provide the correct, adjusted path to the certs.txt file – you will add your certificate to a second keystore called ‘cacerts’ (because the command automatically creates a keystore if none is present) - instead of adding it to the ‘real’ cacerts keystore which is the one being referenced by the jdbc connector.
Verify that this situation applies to you by:
changeit’ which is the default password.