Enrollment for Cloud Service throws error about "signerInfo".

Error: DLP-5000 - Could not for signerInfo for CN=Symantec Corporation - Symantec Shared Services CA, O=Symantec Corporation - Symantec Shared Services. 

This may be due either to an invalid enrollment bundle, or a misconfiguration in the connection between the Enforce Server and a proxy. If you are not using a proxy, please request a new bundle.

Release : 15.8+

Unknown at this time.

To begin with, ensure the steps outlined in this KB have been followed, to ensure the Enforce Server has connectivity required for enrollment:

DLP Cloud Service enrollment: error requesting client certificate from Symantec Managed PKI Service (broadcom.com)

In some cases, a newly issued enrollment bundle will solve the issue - if connectivity is otherwise successful, contact Technical Support referring to this KB for a new bundle.

If the new bundle does not solve the issue, the solution is similar to the one in Cloud detector showing “disconnected” after bundle upload to Enforce (broadcom.com).

As per that KB, to specifically address the level impacting this issue, add the following line to the ManagerLogging.properties file:

#dropping JSCEP Log Level

org.jscep.level=INFO

Once the change is saved, recycle the SymantecDLPManager service.

Next steps - a new bundle will again be required:

1. Delete any disconnected Cloud Detectors from the UI of the Enforce Server (click the red "X" on the far right of the Detector and confirm the dialogue).
2. Support will provide new bundles at this point.
3. Enroll with the new bundles, and look for the successful enrollment code: 4200 - "Cloud Service enrollment: client certificate successfully obtained from Symantec Managed PKI Service"
4. It may take a moment for the Detector to show as "Connected". If it does not update within a few minutes, restart the SymantecDLPDetectionServerController service on the Enforce Server (you can also use the recycle function for the process in the Enforce UI).