Certificate error when launching DLP Enforce Server login
search cancel

Certificate error when launching DLP Enforce Server login

book

Article ID: 169676

calendar_today

Updated On:

Products

Data Loss Prevention Enforce Data Loss Prevention

Issue/Introduction

Attempting to bring up Enforce Server login page and getting the following error.

There is a problem with this website's security certificate.
 

The security certificate presented by this website was issued for a different website's address and the security certificate presented by this website was not issued by a trusted certificate authority.

 

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

 

We recommend that you close this webpage and do not continue to this website.

Cause

The system the user is accessing Enforce Server from does not trust the certificate in tomcat folder.

Resolution

Two options to fix:

  1. Manually verify/fix this via the web browser. This will need to be done with all web browsers, from every system used to access the Enforce Server.
    OR
  2. The following KB should resolve this as well - https://support.symantec.com/en_US/article.TECH221433.html


If the issue still persists, you may need to perform the following:

  • Download the JKS with the Private Key included not including the root chain. 
  • Install the Root CA into the cacerts keystore withing /jre/lib/security/cacerts
  • Point server.xml within /opt/SymantecDLP/Protect/tomcat/conf/server.xml to the JKS file that was generated from Venafi