Data Loss Prevention

  • 1.  DLP 12.5.2 TLS Levels

    Posted Jul 21, 2017 09:17 AM

    I realize DLP 12.5 is old, and we have a plan to be at 14.6 by the end of the year.  In the meantime, Data Insight was upgraded to 5.2, and now DLP cannot even pull the certificate from DI.  I get the error A connection could not be established to the specified server - "https://<server name>:443/". when I try to pull the cert.  A packet capture from DLP Enforce shows the TLS Client Hello, followed immediately by a 61 Alert: Handshake failure from the DI server.  Further inspection shows that the TLS version from DLP appears to be v1.0 (attachment "from enforce.PNG") while the TLS version from DI appears to be v1.2 (attachment "from DI.PNG").  My question is, how do I force DLP to use TLSv1.2 when trying to grab this cert?  I have already followed the guide linked below, with no luck.

    https://support.symantec.com/en_US/article.TECH231996.html
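Added example, not part of the original posts: a small parser for the plaintext part of a TLS handshake like the one in the capture described above (a Client Hello answered by a handshake-failure alert). It reports the record-layer version and the ClientHello `client_version` separately, because the second field is the highest version the client offers and the two can differ. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Wire values from the TLS RFCs.
VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2"}
ALERTS = {0: "close_notify", 40: "handshake_failure", 70: "protocol_version",
          71: "insufficient_security"}
LEVELS = {1: "warning", 2: "fatal"}

def _ver(v):
    return VERSIONS.get(v, hex(v))

def parse_records(stream: bytes):
    """Walk plaintext TLS records; summarise ClientHellos and alerts."""
    out, off = [], 0
    while off + 5 <= len(stream):
        ctype, rec_ver, length = struct.unpack_from("!BHH", stream, off)
        body = stream[off + 5 : off + 5 + length]
        if len(body) < length:
            raise ValueError("truncated TLS record")
        off += 5 + length
        if ctype == 22 and len(body) >= 6 and body[0] == 1:
            # Handshake type 1 = ClientHello. client_version (bytes 4-5) is the
            # highest version offered; the record-layer version may be lower.
            (hello_ver,) = struct.unpack_from("!H", body, 4)
            out.append(("client_hello", _ver(rec_ver), _ver(hello_ver)))
        elif ctype == 21 and length == 2:
            out.append(("alert", LEVELS.get(body[0], str(body[0])),
                        ALERTS.get(body[1], str(body[1]))))
        else:
            out.append(("other", ctype, length))
    return out

# --- constructed sample bytes (not taken from the poster's capture) ---
def record(ctype, ver, body):
    return struct.pack("!BHH", ctype, ver, len(body)) + body

def client_hello(rec_ver, hello_ver):
    hello = (struct.pack("!H", hello_ver) + bytes(32) + b"\x00"
             + b"\x00\x02\x00\x2f" + b"\x01\x00")
    return record(22, rec_ver, b"\x01" + len(hello).to_bytes(3, "big") + hello)

SAMPLE = client_hello(0x0301, 0x0301) + record(21, 0x0303, b"\x02\x28")

if __name__ == "__main__":
    for item in parse_records(SAMPLE):
        print(item)
```

To use it on a real capture, pass the raw TCP payload bytes of each direction of the stream to `parse_records`.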

     



  • 2.  RE: DLP 12.5.2 TLS Levels

    Posted Aug 02, 2017 11:24 AM

    Setting both Enforce and Detection servers to the new value resolved this issue in our case. Additionally, we had to ensure SSLautonegotiate is set to false in both files. In our case it was set to true.

    Please check if that's the case for you.