As part of a migration of Symantec Information Security products to the Google Cloud Platform, some customers using the DLP Cloud Services need to update the Truststore file for the on-prem Enforce Management Console.
For more information about this migration, please see the Product Advisory on the topic.
Enforce versions prior to 15.1 MP1, accessing the DLP Cloud Services:
For customers using Enforce versions prior to 15.1 MP1, the existing Truststore will no longer recognize the Cloud Service as having a valid certificate.
Note: The keystore directory also contains another file, similarly named: enforce_keystore.jks.
This file contains the certificate required by Enforce to access the Cloud Service Gateway, and should not be removed or deleted in any of the steps outlined above. If the enforce_keystore.jks file has been deleted or lost, it will be recreated by a restart of the Enforce DetectionServerController service, but the recreated keystore will not contain the original bundle certificate and connectivity from Enforce to the Cloud Service Gateway will not be possible. To restore connectivity at this point, you would need to open a case with Technical Support.
keytool -list -keystore "C:\Program Files\Symantec\Data Loss Prevention\Enforce Server\15.1\Protect\keystore\enforce_truststore.jks"
Note that the example given in the screenshot above is for DLP 15.5, but the path to the Keytool binary will vary depending on the version of DLP and the OS.
For 15.1:
For version 15.0 or older: