Back up the CA Root Certificate
If your company uses an internal Certificate Authority (for example, you use your own CA server and your own certificates), Symantec recommends that you back up the CA root certificate as part of your disaster recovery plan.
Complete the following steps to back up the CA root certificate:
- Open a command prompt.
- Change the directory to where the CA root certificate file is located.
- Run the following command to export the certificate in.crtformat.keytool -exportcert -keystore CARoot.jks -alias [exampledomain].com -file CA.crt
- Import the.crtfile into thecacertsfile by completing the following steps.
- Run one of the following commands based on your server platform:
- Windows:cd: C:\Program Files\AdoptOpenJRE\jdk8u<version>-jre\lib\securitykeytool -importcert -alias [exampledomain].com -keystore cacerts -file\path\to\CA.crt
- Linux:cd /opt/AdoptOpenJRE/jdk8u<version>-jre/lib/security/keytool -importcert -alias [exampledomain].com -keystore cacerts -file/path/to/CA.crt
- Enter the cacerts password:changeit.
- Locate theIntermediate.crtfile, root CA, and SSL cert files.
- Import the certificates into the cacerts by completing the following steps:
- Run one of the following commands based on your server platform:
- Windows:keytool -importcert -alias SSL -keystore cacerts -file\path\to\SSL.crt
- Linux:keytool -importcert -alias SSL -keystore cacerts -file/path/to/SSL.crt
- Enter the password for cacerts:changeit.
- Restart theSymantecDLPManagerService.