search cancel

How to Renew the "DLP Root Certification Authority"

book

Article ID: 239550

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Core Package Data Loss Prevention Enforce Data Loss Prevention Discover Suite Data Loss Prevention Endpoint Suite Data Loss Prevention Enterprise Suite

Issue/Introduction

The "DLP Root Certification Authority" certificate has expired, or otherwise needs to be renewed.

This certificate has expired or is not yet valid.

Resolution

How to Locate the DLP Root CA Certificate:

  1. Log into the Enforce Console
  2. System > Settings > General
  3. Scroll down to the "Endpoint and Network Discover Communications Settings"
  4. Here you will see a keystore name listed, this is the keystore that contains your DLP Root Certification Authority.
  5. Default Keystore Location and Name
    • C:\ProgramData\Symantec\DataLossPrevention\EnforceServer\15.8.00000\keystore\certificate_authority_v1.jks

 

How to update your DLP Root Certification Authority:

  1. Rename or remove the old "certificate_authority_v1.jks"
  2. Restart the DLP Services
  3. When the services come back online it will automatically recreate this missing certificate for you.
  4. You should now see a "certificate_authority_v2.jks" has been created.

Attachments