Utilizing Existing Agent Certificate for a New DCS Environment

Article ID: 224193

Products

Data Center Security Server Advanced

Issue/Introduction

You are in the process of setting up a new Data Center Security (DCS) installation environment. However, instead of generating a new Agent certificate, you aim to utilize an existing Agent certificate from a different environment. This approach is intended to streamline the setup process and leverage the existing security infrastructure.

Environment

Data Center Security Server Advanced 6.9.x

Cause

This is done to make agent deployment easier and/or to move existing agents to a new server while only needing to change the DCS manager hostname.

Resolution

After completing a new installation of DCS (as outlined here: Installing Management Server along with Tomcat and database using production mode), perform the following steps:

1. Stop the following services:

Symantec Data Center Security Server Manager
Symantec UMC Credential Service
Symantec UMC Telemetry Service
 

2. Make a backup of the following files:

<install directory>\Symantec\Data Center Security Server\Server\agent-cert.ssl
<install directory>\Symantec\Data Center Security Server\Server\server-cert.ssl
<install directory>\Symantec\Data Center Security Server\Server\tomcat\conf\server.xml

 

3. Copy the following files from the existing DCS manager environment to the new DCS manager installation in the same location (rename the existing files or replace them if you made the necessary backups from Step 2):

<install directory>\Symantec\Data Center Security Server\Server\agent-cert.ssl
<install directory>\Symantec\Data Center Security Server\Server\server-cert.ssl

 

4. Open the following file with a text editor from the existing DCS manager environment:

<install directory>\Symantec\Data Center Security Server\Server\tomcat\conf\server.xml

Navigate to this section: 

<Service name="Bridge-Service">

Copy the certificateKeystorePassword text from the following line in that section:

<Certificate certificateKeystoreFile="C:\Program Files (x86)\Symantec\Data Center Security Server\Server\server-cert.ssl" certificateKeystorePassword="<ActualCertificateKeystorePassword>" certificateKeystoreType="PKCS12"/>

 

5. Open the following file with a text editor from the new DCS manager environment:

<install directory>\Symantec\Data Center Security Server\Server\tomcat\conf\server.xml

In the new DCS manager server.xml file, replace the certificateKeystorePassword text in the following 3 sections with the text you copied in Step 4:

<Service name="Bridge-Service">
<Service name="SSS-Agent-Service">
<Service name="Catalina">

Save the newly edited server.xml file.

 

6. Start the following services:

Symantec UMC Credential Service
Symantec UMC Telemetry Service
Symantec Data Center Security Server Manager
 

7. Test the communication with a new DCS agent install and/or by changing the hostname on an existing DCS agent install to the new DCS manager (if it is pointing to the existing DCS manager referenced here).
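
A consistency check that can be run on copies of the old and new server.xml files before starting the services in Step 6, written as an added example that is not part of the original article or of the product. It assumes the standard Tomcat layout in which each Certificate element is nested inside its Service section; the function names and sample values are constructed for illustration.

```python
import hmac
import xml.etree.ElementTree as ET

SERVICES = ("Bridge-Service", "SSS-Agent-Service", "Catalina")  # sections from Step 5
ATTR = "certificateKeystorePassword"

def keystore_passwords(server_xml_text):
    """Map each Service name to the keystore passwords of its <Certificate> elements."""
    root = ET.fromstring(server_xml_text)  # ParseError here means an edit broke the XML
    return {svc.get("name"): [c.get(ATTR, "") for c in svc.iter("Certificate")]
            for svc in root.iter("Service")}

def check_new_config(old_xml_text, new_xml_text):
    """Return a list of problems; empty means Step 5 was applied to all three sections."""
    old = keystore_passwords(old_xml_text).get("Bridge-Service", [])
    if not old or not old[0]:
        return ["old server.xml: no keystore password under Bridge-Service"]
    expected = old[0].encode()
    new = keystore_passwords(new_xml_text)
    problems = []
    for name in SERVICES:
        if name not in new:
            problems.append(f"{name}: Service section not found")
        elif not new[name]:
            problems.append(f"{name}: no <Certificate> element")
        elif not all(hmac.compare_digest(p.encode(), expected) for p in new[name]):
            # Report the section only; never echo the password itself.
            problems.append(f"{name}: {ATTR} differs from the old manager")
    return problems

def sample_xml(passwords):
    """Constructed minimal server.xml; a real file carries many more elements."""
    body = "".join(
        f'<Service name="{name}"><Connector><SSLHostConfig>'
        f'<Certificate {ATTR}="{pw}" certificateKeystoreType="PKCS12"/>'
        f'</SSLHostConfig></Connector></Service>'
        for name, pw in passwords.items())
    return f"<Server>{body}</Server>"

# Constructed sample values, not real passwords.
OLD_XML = sample_xml(dict.fromkeys(SERVICES, "old-env-pw"))
NEW_XML = sample_xml({"Bridge-Service": "old-env-pw",
                      "SSS-Agent-Service": "old-env-pw",
                      "Catalina": "fresh-install-pw"})  # one section missed

if __name__ == "__main__":
    for line in check_new_config(OLD_XML, NEW_XML) or ["all three sections match"]:
        print(line)
```

To use it on real files, pass the contents of the two server.xml copies to check_new_config in place of the constructed samples. The copies contain the keystore password in clear text, so handle them like the keystore itself.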