Symantec Messaging Gateway (SMG) is trying to connect with a DDS source via SSL/TLS. The DDS source presents a certificate that uses the RSASSA-PSS algorithm.
Permanent failure while attempting to search data source: <hostname> Reason: Algorithm constraints check failed on signature algorithm: 1.2.840.1135126.96.36.199
RSASSA-PSS [OID 1.2.840.1135188.8.131.52] is not a supported signing algorithm in SMG. Because the SMG does not use that algorithm, it will drop the connection, as it cannot maintain the TLS handshake.
There are two main ways to resolve this issue: