search cancel

DLP quarantine fails remediating SharePoint site

book

Article ID: 226385

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover

Issue/Introduction

You set up a Symantec Data Loss Prevention (DLP) SharePoint discover scan target with quarantine configured to move files to a file share. The quarantine action fails and you find the following remediation errors in the FileReader logs of the Network Discover server:

Oct 18, 2021 8:06:33 AM com.symantec.dlp.remediation.logging.Reporter <init>
INFO: Protect Thread 'Message chain #1': Starting remediation for https://your.sharepoint.com/project/yourFile.pdf

Oct 18, 2021 8:06:33 AM com.symantec.dlp.remediation.logging.Reporter report
INFO: Protect Thread 'Message chain #1': Finished remediation for https://your.sharepoint.com/project/yourFile.pdf

Oct 18, 2021 8:06:34 AM com.symantec.dlp.sharepointapi.SharePointHttpClient postSOAPXML
SEVERE: SOAP Request Failed : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Oct 18, 2021 8:06:34 AM com.symantec.dlp.sharepointapi.SharePointNode <init>
SEVERE: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Oct 18, 2021 8:06:34 AM com.symantec.dlp.remediation.logging.Reporter report
INFO: Protect Thread 'pool-9-thread-16': Finished remediation for https://your.sharepoint.com/project/yourFile.pdf

Oct 18, 2021 8:06:34 AM com.symantec.dlp.remediation.async.request.QuarantineRequestSubTaskHandler handleSubTask
SEVERE: Quarantine failed for item https://your.sharepoint.com/project/yourFile.pdf
com.symantec.dlp.remediation.enforce.sharepoint.SharePointRemediatorException: Failed to quarantine SharePoint file

Cause

The certificate authority (CA) that issued the certificate to the SharePoint site is not in the java cacerts keystore file.

Environment

Release : 15.8

Component : Network Discover

Resolution

Obtain a copy of the root CA certificate (e.g., myRootCA.pem) and import it into the cacerts keystore file (default locations listed below).

Linux:

keytool -importcert -file myRootCA.pem -alias myRootCA -keystore /opt/AdoptOpenJRE/jdk8u262-b10-jre/lib/security/cacerts -storepass changeit

Windows:

keytool -importcert -file myRootCA.pem -alias myRootCA -keystore c:\"Program Files"\AdoptOpenJRE\jdk8u262-b10-jre\lib\security\cacerts -storepass changeit