Cloud Detector Disconnect - authentication issue with the validity of the certificate

book

Article ID: 206335

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention Cloud Detection Service

Issue/Introduction

Could Detector was disconnected - Enforce is showing the following error:

Code 2714
Summary Cloud Service authentication to Enforce failed
Detail Error [AUTHENTICATION_FAILURE] - Cloud Service unreachable due to an authentication issue. Please check the validity and availability of the certificate.

Cause

This specific error about checking the "validity and availability of the certificate" appears when the Truststore on Enforce does not have the correct CA to perform authentication with the Cloud Service.

As per the Product Advisory on the topic, the migration of the DLP Cloud Service has resulted in an update to the truststore requirements for the Enforce server:

 

Environment

Release : 15.1 or earlier

Component :

Resolution

If Enforce is 15.1 or earler, ensure the steps in the following article have been completed:

Replacing the Cloud Services Enforce Truststore prior to migration of DLP Cloud Service to Google Cloud Platform (broadcom.com)

 

If Enforce is on a later release (15.1 MP1 or above), check permissions on the "enforce_truststore.jks" file are correct (DLP service has access to the folder as identified in the above article). If permissions are correct, it may be a proxy issue - see this KB for more suggestions:

Landing page: DLP cloud detectors disconnected (broadcom.com)