Please do the following and mark as solution if it works:
1. Log on to the Console, and then click Admin.
2. In the Admin pane, under Tasks, click Servers.
3. Under View Servers, expand Local Site, and then click the computer name that identifies the local site.
4. Under Tasks, click Manage Server Certificate.
5. In the Welcome panel, click Next.
6. In the Manage Server Certificate panel, check Update the Server Certificate, and then click Next.
7. Under Select the type of certificate to import, check JKS keystore, and then click Next.
If you have implemented one of the other certificate types, select that type.
8. In the JKS Keystore panel, click Browse, locate and select your backed up keystore_timestamp.jks keystore file, and then click OK.
9. Open your disaster recovery text file, and then select and copy the keystore password.
10. Activate the JKS Keystore dialog box, and then paste the keystore password into the Keystore and Key boxes.
The only supported paste mechanism is Ctrl + V.
11. Click Next.
If you get an error message that says you have an invalid keystore file, it is likely you entered invalid passwords. Retry the password copy and paste. This error message is misleading.
12. In the Complete panel, click Finish.
13. Log off the Console.
14. Click Start > Settings > Control Panel > Administrative Tools > Services.
15. In the Services window, right-click Symantec Endpoint Protection Manager, and then click Stop.
Do not close the Services window until you are finished with disaster recovery and reestablish client communications.
16. Right-click Symantec Endpoint Protection Manager, and then click Start.
By stopping and starting Symantec Endpoint Protection Manager, you fully restore the certificate.
Regards