You need to replace the ABRCA Root CA Certificate on Symantec Data Loss Prevention (DLP) Appliance but the appliance does not have an internet connection and/or no proxy server is configured.

Release : 15.x

Component : Symantec DLP Appliance

The proxy settings are not configured in the Appliance and the command "ssl trust-package download-now" is not working.

These are the steps to configure proxy settings to be able to download the new certificate:

1 - Log in to the appliance with admin user name and password;
2 - Type enable and type the password;
3 - Type "proxy-settings view" and hit ENTER - it will show that no proxy is configured;
4 - Type "config" and hit ENTER;
5 - Type "proxy-settings enable" and hit ENTER;
6 - Now type the following commands to configure the proxy:
     a) proxy-settings host <hostname/IP Address>
     b) proxy-settings port <port number>
     c) proxy-settings username <username>
     d) proxy-settings password <password
7 - Now type "proxy-settings view" and hit ENTER - it will show the proxy settings.

Now you can go ahead and follow the steps of the "Update the ABRCA Root CA Certificate" article.

1 - Run "ssl trust-package download-now" - it will start the certificate download;
2 - Run "ssl trust-package view" - it will show the download progress;
3 - Run "ssl view ca-certificate ABRCA_root" - it will show the new certificate.