You need to replace the ABRCA Root CA Certificate on Symantec Data Loss Prevention (DLP) Appliance but the appliance does not have an internet connection and/or no proxy server is configured.
Release : 15.x
Component : Symantec DLP Appliance
The proxy settings are not configured in the Appliance and the command "ssl trust-package download-now" is not working.
These are the steps to configure proxy settings to be able to download the new certificate:
1 - Log in to the appliance with admin user name and password;
2 - Type enable and type the password;
3 - Type "proxy-settings view" and hit ENTER - it will show that no proxy is configured;
4 - Type "config" and hit ENTER;
5 - Type "proxy-settings enable" and hit ENTER;
6 - Now type the following commands to configure the proxy:
a) proxy-settings host <hostname/IP Address>
b) proxy-settings port <port number>
c) proxy-settings username <username>
d) proxy-settings password <password
7 - Now type "proxy-settings view" and hit ENTER - it will show the proxy settings.
Now you can go ahead and follow the steps of the "Update the ABRCA Root CA Certificate" article.
1 - Run "ssl trust-package download-now" - it will start the certificate download;
2 - Run "ssl trust-package view" - it will show the download progress;
3 - Run "ssl view ca-certificate ABRCA_root" - it will show the new certificate.