Missing PGPtrustedcerts.asc file in Encryption Desktop client installer (String too long)

book

Article ID: 172547

calendar_today

Updated On:

Products

Encryption Management Server Encryption Management Server Powered by PGP Technology Desktop Email Encryption, Powered by PGP Technology Drive Encryption Powered by PGP Technology Encryption Desktop Corporate Powered by PGP Technology Encryption Desktop Powered by PGP Technology Encryption Desktop Professional Powered by PGP Technology Encryption Desktop Storage Powered by PGP Technology

Issue/Introduction

When you download a customized Encryption Desktop client from Encryption Management Server, an error may be logged to the Administration log and the PGPtrustedcerts.asc file is not included in the *.msi installation file.

Download the Encryption Desktop client by doing the following:

  1. Open the Consumers / Groups page from the administration console.
  2. Click on the Download Client button at the bottom of the page.
  3. From the Download page, select the Platform (Windows 32-bit or Windows 64-bit) and Language.
  4. Enable the Customize option.
  5. If necessary, modify the Symantec Encryption Server name. This name should be the FQDN that the Encryption Desktop clients connect to. For example, keys.example.com.
  6. Click on the Download button.

After the download completes, an error may appear in the Administration log. If the error appears, the PGPtrustedcerts.asc file will not be included in the installation file.

An error similar to the following may appear in the Administration log on the Reporting / Logs page of the administration console. In this example, 54,321 represents any number greater than 30,000:
String too long (string is 54321 limit is 30000)

Cause

Encryption Management Server administrators can import Root and Intermediate certificates from the Keys / Trusted Keys page of the administration console. All such imported certificates are included in the PGPtrustedcerts.asc file within the customized Encryption Desktop installer.

During the installation of Encryption Desktop, the PGPtrustedcerts.asc file is saved to the folder %ProgramData%\PGP Corporation\PGP.

If the combined Root and Intermediate certificates comprise over 30,000 characters, the String too long error is generated and the PGPtrustedcerts.asc file is not included in the MSI file.

Environment

  • Encryption Management Server 3.3.2 MP13 and above.
  • Encryption Desktop 10.3.2 MP13 and above.

Resolution

In order to avoid the String too long error, please contact Symantec Technical Support.

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product. Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.

Additional Information

Etrack: 2473680


For other information relate to certificate pop-ups, see the following articles for assistance and contact Symantec Enterprise support if needed:

 

156600 - Manually add PGPtrustedcerts.asc to the Symantec Encryption Desktop installer (MSI) using Orca

157432 - Encryption Desktop prompts user that the server certificate is not valid

153347 - Authentication certificate not valid pop-up displayed when connecting to Encryption Management Server

 

Attachments