DLP 14 Domain Controller Agent not communicating with Enforce

    Posted Sep 27, 2016 12:33 PM

    Hoping someone else here has some advice or has had any experience like this.  I am trying to get the DLP 14.0 domain controller agent running on a Windows Server 2012 to our DLP 14.0.1 RHEL 6 Enforce server using signed certificates, but I keep getting this error in the agent logs:

    09/27/16 10:04:22 [0x00003518] ERROR EnforceHttpsClient - POST EVENTS:::  Failed to complete Enforce HTTPS request. CURL code: 77. Error: Problem with the SSL CA cert (path? access rights?) [EnforceHttpsClient.cpp(219)]

    I have tried replacing the Enforce server's certs with new ones, signed by our in-house CA, but still not having any luck.  The agent does seem to be connecting to the Active Directory server successfully and is seeing the events from that side, but it can't connect to the Enforce server to write the data back out.

    Part of the problem troubleshooting this is that there are at least three different keystores on the Enforce server and I can't tell which one is the culprit here:

    1. /opt/SymantecDLP/Protect/keystore/enforce.Wed_Jan_06_15_14_59_CST_2016.sslKeyStore
    2. /opt/SymantecDLP/Protect/tomcat/conf/truststore.jks
    3. /opt/SymantecDLP/Protect/tomcat/conf/.keystore

    Anybody have any suggestions or experience with Windows/Linux connectivity with the Domain Controller Agent?
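
Added example, not part of the original post and not Symantec code: libcurl result code 77 is CURLE_SSL_CACERT_BADFILE, which the client returns when it cannot load its own CA certificate file, so this sketch extracts the code from the agent log line and checks a candidate CA file for the conditions behind it. The function names are hypothetical, and the CA file path is an assumption supplied by the caller, since the page does not say where the agent keeps that file.

```python
import base64
import os
import re

# Constructed sample: the agent log line quoted in the post.
SAMPLE_LOG = (
    "09/27/16 10:04:22 [0x00003518] ERROR EnforceHttpsClient - POST EVENTS:::  "
    "Failed to complete Enforce HTTPS request. CURL code: 77. Error: Problem "
    "with the SSL CA cert (path? access rights?) [EnforceHttpsClient.cpp(219)]"
)

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def curl_code(log_line):
    """Return the libcurl result code found in an agent log line, or None."""
    match = re.search(r"CURL code:\s*(\d+)", log_line)
    return int(match.group(1)) if match else None


def check_ca_file(path):
    """List the problems that stop a client loading `path` as a PEM CA file."""
    if not os.path.isfile(path):
        return ["missing: %s is not a file" % path]
    try:
        with open(path, "rb") as handle:
            text = handle.read().decode("ascii", errors="replace")
    except OSError as exc:  # e.g. the service account lacks read access
        return ["unreadable: %s" % exc]
    blocks = PEM_BLOCK.findall(text)
    if not blocks:
        return ["no PEM CERTIFICATE blocks (DER or JKS/PKCS#12 file?)"]
    problems = []
    for index, body in enumerate(blocks, 1):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            problems.append("block %d: invalid base64" % index)
            continue
        if not der.startswith(b"\x30"):  # a certificate is a DER SEQUENCE
            problems.append("block %d: not a DER SEQUENCE" % index)
    return problems


def diagnose(log_line, ca_path):
    """Run the CA file check only when the log line reports code 77."""
    if curl_code(log_line) != 77:
        return ["not a CA-file load error; check_ca_file does not apply"]
    return check_ca_file(ca_path)
```

The check is structural only: an empty result means the file exists, is readable by the account running the script, and holds well-formed PEM blocks, not that the chain to the Enforce server's certificate validates.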