Certificates, keystores and keys used on Symantec Data Loss Prevention 15.x OCR (Optical Character Recognition) Servers
search cancel

Certificates, keystores and keys used on Symantec Data Loss Prevention 15.x OCR (Optical Character Recognition) Servers

book

Article ID: 225903

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Sensitive Image Recognition

Issue/Introduction

What Certificates, keystores and keys are used on Symantec Data Loss Prevention OCR (Optical Character Recognition) Servers, version 15.x.

Environment

DLP 15.x

Resolution

OCR Servers(only supported on Windows)

Default Windows keystore Path: <DRIVE>:\SymantecDLPOCR\Protect\keystore\ocr_keystore.jks

Default Private Key Alias: ocrserver

Default Detection Server Alias: det_cert

Default keystore password: symantecocr

 

OCR Clients(DLP Detection Servers, supported on Windows or Linux)

Default Windows Path: <DRIVE>:\Program Files\Symantec\DataLossPrevention\DetectionServer\<version>\Protect\keystore\det_ocr_keystore.jks

Default Detection Server Alias: detserver

Default OCR Server Alias: ocr_cert

Default keystore password: symantecocr

-------------------------------------------------------------------------------------------

Starting from build 16.0, the OCR servers are no longer using a keystore file.
Instead, the “...\Program Files\Symantec\DataLossPrevention\OCRServer\<version>\Protect\keystore” directory now contains a .key file with raw key material, and two .crt files - a client and a server certificate. 

Below are links to the online help pages that describes how to configure TLS trust between OCR server and DLP detection server in versions 16.0.x:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/16-0/about-data-loss-prevention-policies-v27576413-d327e9/setting-up-TLS-trust.html

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/16-0-1/about-data-loss-prevention-policies-v27576413-d327e9/setting-up-TLS-trust.html 

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/16-0-2/about-data-loss-prevention-policy-authoring/setting-up-tls-trust.html