Back up the CA Root Certificate

If your company uses an internal Certificate Authority (for example, you use your own CA server and your own certificates), Symantec recommends that you back up the CA root certificate as part of your disaster recovery plan.
Complete the following steps to back up the CA root certificate:
  1. Open a command prompt.
  2. Change the directory to where the CA root certificate file is located.
  3. Run the following command to export the certificate in
    .crt
    format.
    keytool -exportcert -keystore CARoot.jks -alias [exampledomain].com -file CA.crt
  4. Import the
    .crt
    file into the
    cacerts
    file by completing the following steps.
    1. Run one of the following commands based on your server platform:
      • Windows:
        cd: C:\Program Files\AdoptOpenJRE\jdk8u<version>-jre\lib\security
        keytool -importcert -alias [exampledomain].com -keystore cacerts -file
        \path\to\
        CA.crt
      • Linux:
        cd /opt/AdoptOpenJRE/jdk8u<version>-jre/lib/security/
        keytool -importcert -alias [exampledomain].com -keystore cacerts -file
        /path/to/
        CA.crt
    2. Enter the cacerts password:
      changeit
      .
  5. Locate the
    Intermediate.crt
     file, root CA, and SSL cert files.
  6. Import the certificates into the cacerts by completing the following steps:
    1. Run one of the following commands based on your server platform:
      • Windows:
        keytool -importcert -alias SSL -keystore cacerts -file
        \path\to\
        SSL.crt
      • Linux:
        keytool -importcert -alias SSL -keystore cacerts -file
        /path/to/
        SSL.crt
    2. Enter the password for cacerts:
      changeit
      .
  7. Restart the
    SymantecDLPManagerService
    .