DLP Mac Endpoint Agents shows "Outlook addin certificate not deployed" critical alert
search cancel

DLP Mac Endpoint Agents shows "Outlook addin certificate not deployed" critical alert

book

Article ID: 246834

calendar_today

Updated On:

Products

Data Loss Prevention Core Package

Issue/Introduction

When trying to use the Mac DLP Endpoint Agent Outlook on-send addin, the agent shows the following critical alert:

"Outlook addin certificate not deployed"

In addition, the addin does not function as no incident is generated and no popup occurs.

Environment

Release : 15.8, 16.0

Cause

The addin_truststore.cer from the wrong Enforce server was added to the MDM profile or imported into the Mac keychain. You need to use the addin_truststore.cer file from the Enforce server that created the package that was used to install the agents.

Refer to the Note at Deploying the truststore certificate for the on-send web add-in for Outlook on macOS endpoints

Note

The addin_truststore.pem file is unique to the Enforce Server that you used to generate the agent installation package. If you have deployed more than one Enforce Server, make sure that you follow these instructions to deploy the truststore certificates for all of the Enforce Servers

Resolution

Use the addin_truststore.cer file from the same agent package that was used to install the Mac Agents to import to your MDM profile. Once you have the correct certificate file imported, the critical alert should go away and the addin should allow you to block email through Outlook and generate incidents.

In case you do not use Outlook in your environment but Mac Agents still report this error - you need to disable the Outlook channel in Agent configuration.