You receive the error "keytool error java.lang.exception input not an x.509 certificate" when you try to update the certificate on the Symantec Data Loss Prevention (DLP) Enforce and Detection servers.

The steps in these articles did not resolve this issue:

Create, sign, and import an SSL certificate signed by a Trusted Certificate Authority for the Enforce Console Certificate

Unable to import certificate into SMTP Prevent keystore: "Input not an X.509 certificate"

Configuring the server certificate on the Enforce Server

Release: 15.8

The older JRE version was causing this issue.
They had version 1.8.0.202 installed.

In DLP 15.8, update the JRE version to one of the supported versions of OpenJRE.
In this case, we updated the JRE to jdk8u262-b10_jre.