Enforce console loads old certificate even after importing new certificate to tomcat keystore

Article ID: 273884

Updated On:

Products

Data Loss Prevention Enforce, Data Loss Prevention, Data Loss Prevention Core Package

Issue/Introduction

When a new certificate is imported into the Tomcat keystore under a new alias name by following the steps in KB 160518, the Enforce console still loads with the old certificate.

Environment

Release : NA

Cause

Java loads the certificate of the first key in the keystore whose CN matches, even when the keystore also holds a newer certificate with the same CN value.

Resolution

Back up the keystore, then delete the alias that holds the older certificate using the command below.

keytool -delete -alias <alias_name> -keystore <keystore_path> -storepass <keystore_password>

Restart SymantecDLPManagerService and check whether the new certificate is loaded.
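
To see which aliases share a CN before deleting one, the following added example (not part of the original article or any vendor tooling) parses `keytool -list -v` output and prints every key entry whose CN also appears under another alias. The function name, the sample listing, the host name and the alias names are constructed for illustration, and limiting the check to `PrivateKeyEntry` entries is an assumption.

```shell
#!/bin/sh
# Added example: report key entries in a keystore that share a CN.
# Real use (reads the listing on stdin):
#   keytool -list -v -keystore <keystore_path> -storepass <keystore_password> | dup_cn_aliases
dup_cn_aliases() {
    awk '
    /^Alias name: /  { alias = substr($0, 13); type = ""; seen = 0; next }
    /^Entry type: /  { type = $3; next }
    # Only the first Owner line after an alias belongs to the leaf certificate.
    /^Owner: / && !seen && type == "PrivateKeyEntry" {
        seen = 1; cn = "(no CN)"
        if (match($0, /CN=[^,]*/)) cn = substr($0, RSTART + 3, RLENGTH - 3)
        cn_of[alias] = cn; count[cn]++; order[++n] = alias
        next
    }
    /^Valid from: / && seen == 1 { seen = 2; sub(/^Valid from: /, ""); valid[alias] = $0 }
    END {
        # Output: CN <TAB> alias <TAB> validity period, in keystore listing order.
        for (i = 1; i <= n; i++) {
            a = order[i]
            if (count[cn_of[a]] > 1) printf "%s\t%s\t%s\n", cn_of[a], a, valid[a]
        }
    }'
}

# Constructed sample of `keytool -list -v` output (abbreviated to the parsed fields).
sample_listing() {
    cat <<'EOF'
Alias name: tomcat
Entry type: PrivateKeyEntry
Certificate[1]:
Owner: CN=enforce.example.test, OU=DLP, O=Example, C=US
Issuer: CN=Example Issuing CA, O=Example, C=US
Valid from: Tue Mar 01 00:00:00 UTC 2022 until: Fri Mar 01 00:00:00 UTC 2024

Alias name: tomcat2024
Entry type: PrivateKeyEntry
Certificate[1]:
Owner: CN=enforce.example.test, OU=DLP, O=Example, C=US
Issuer: CN=Example Issuing CA, O=Example, C=US
Valid from: Thu Feb 01 00:00:00 UTC 2024 until: Sun Feb 01 00:00:00 UTC 2026

Alias name: exampleca
Entry type: trustedCertEntry
Owner: CN=Example Issuing CA, O=Example, C=US
Valid from: Wed Jan 01 00:00:00 UTC 2020 until: Tue Jan 01 00:00:00 UTC 2030
EOF
}

sample_listing | dup_cn_aliases
```

Each output line is a candidate for review: compare the validity periods to decide which alias holds the older certificate before running the delete command.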