You receive the error "keytool error java.lang.exception input not an x.509 certificate" when you try to update the certificate on the Symantec Data Loss Prevention (DLP) Enforce and Detection servers.
The steps in these articles did not resolve this issue:
The older JRE version was causing this issue.
They had version 220.127.116.11 installed.
In DLP 15.8, update the JRE version to one of the supported versions of OpenJRE.
In this case, we updated the JRE to jdk8u262-b10_jre.