What Certificates, keystores and keys are used on Symantec Data Loss Prevention OCR (Optical Character Recognition) Servers, version 15.x.
DLP 15.x
OCR Servers(only supported on Windows)
Default Windows keystore Path: <DRIVE>:\SymantecDLPOCR\Protect\keystore\ocr_keystore.jks
Default Private Key Alias: ocrserver
Default Detection Server Alias: det_cert
Default keystore password: symantecocr
OCR Clients(DLP Detection Servers, supported on Windows or Linux)
Default Windows Path: <DRIVE>:\Program Files\Symantec\DataLossPrevention\DetectionServer\<version>\Protect\keystore\det_ocr_keystore.jks
Default Detection Server Alias: detserver
Default OCR Server Alias: ocr_cert
Default keystore password: symantecocr
-------------------------------------------------------------------------------------------
Starting from build 16.0, the OCR servers are no longer using a keystore file.
Instead, the “...\Program Files\Symantec\DataLossPrevention\OCRServer\<version>\Protect\keystore” directory now contains a .key file with raw key material, and two .crt files - a client and a server certificate.
Below are links to the online help pages that describes how to configure TLS trust between OCR server and DLP detection server in versions 16.0.x: