A prior version of the documentation for importing TLS certificates into one's Network Prevent for Email server keystore suggested the following location for this keystore:
When you install Network Prevent for Email Server, the installer creates an empty keystore file in installdir
<drive>:\Program Files\Symantec\DataLossPrevention\DetectionServer\<DLP_version>\Protect\keystore\prevent.ks
Release : 15.8, 16.X
Generating Network Prevent for Email Server Keys
Importing Public Key Certificates to the Network Prevent for Email Server Keystore
This was actually incorrect, and if the keystore file for SMTP Prevent is updated in this location, TLS handshakes will fail to find the certificate assigned.
As a result, connections to the downstream MTA will be dropped as soon as they are established, usually with a simple "Forward connection closed" in the RequestProcessor log.
The correct location of the SMTP Prevent keystore is defined in the "Protect.properties" file on the Detection Server, which is located at C:\Program Files\Symantec\DataLossPrevention\EnforceServer\<version>\Protect\config
Linux:
#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = /var/Symantec/DataLossPrevention/DetectionServer/<version>/keystore/prevent.ks
Windows:
#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = C:/ProgramData/Symantec/DataLossPrevention/DetectionServer/<version>/keystore/prevent.ks
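One way to confirm that a keystore you updated is the one SMTP Prevent actually loads is to read the property back from Protect.properties and compare paths. The script below is an added example, not Symantec code; the sample file content is constructed from the lines above, "<version>" and "<DLP_version>" are kept as the article's placeholders, and the drive letter C is assumed for the old documented path.

```python
import ntpath
import posixpath
import re

KEY = "com.vontu.inline_smtp.keystore"  # property name shown in the article

# Constructed Protect.properties excerpt; "<version>" is the article's placeholder.
SAMPLE_PROPERTIES = """\
#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = C:/ProgramData/Symantec/DataLossPrevention/DetectionServer/<version>/keystore/prevent.ks
"""
# Location given by the earlier documentation (drive letter C assumed).
OLD_DOC_PATH = r"C:\Program Files\Symantec\DataLossPrevention\DetectionServer\<DLP_version>\Protect\keystore\prevent.ks"


def configured_keystore(properties_text):
    """Return the keystore path set in Protect.properties text, or None."""
    value = None
    for raw in properties_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":        # blank line or comment
            continue
        m = re.match(r"([^\s=:]+)\s*[=:]?\s*(.*)", line)
        if m and m.group(1) == KEY:
            value = m.group(2).strip()         # last definition wins, as in Java
    return value or None


def _norm(path):
    """Normalise so slash direction and (for Windows paths) case do not matter."""
    if re.match(r"[A-Za-z]:[\\/]", path) or "\\" in path:
        return ntpath.normcase(ntpath.normpath(path))
    return posixpath.normpath(path)


def check_keystore(properties_text, updated_path):
    """Return (ok, configured); ok is True only when updated_path is the
    keystore that Protect.properties points SMTP Prevent at."""
    configured = configured_keystore(properties_text)
    ok = configured is not None and _norm(configured) == _norm(updated_path)
    return ok, configured


if __name__ == "__main__":
    ok, configured = check_keystore(SAMPLE_PROPERTIES, OLD_DOC_PATH)
    print("configured keystore:", configured)
    print("updated file is the one in use:", ok)
```

On a real server, pass the contents of Protect.properties and the path of the file you imported the certificate into; a False result means the import went into a keystore the server does not read.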
Current versions of the above documentation already reflect this change - this article is for informational purposes only and will be removed at a future date.