Update the old server certificates.
Locate your keystore file and your server.xml file.
The keystore file name is keystore_<timestamp></timestamp>.jks. The keystore contains the private-public key pair and the self-signed certificate. The server.xml file name is server_<timestamp></timestamp>.xml.
The password is used for both storepass and keypass. Storepass protects the JKS file. Keypass protects the private key. You enter these passwords to restore the certificate.
The password string looks like the below:
keystorePass=WjCUZx7kmX$qA1u1
To restore the server certificate
- Log on to the Console, and then click Admin.
- In the Admin pane, under Tasks, click Servers.
- Under View Servers, expand Local Site, and then click the computer name that identifies the local site.
- Under Tasks, click Manage Server Certificate.
- In the "Welcome" panel, click Next.
- In the Manage Server Certificate panel, check Update the Server Certificate and click Next.
- Under "Select the type of certificate to import", check JKS keystore and click Next.
Note: If you have implemented one of the other certificate types, select that type.
- In the "JKS Keystore" panel, click Browse, locate and select your backed up as "keystore_<timestamp></timestamp>.jks" keystore file, and then click OK.
- Open your disaster recovery text file and then select and copy the keystore password.
- Activate the "JKS Keystore" dialog box and then paste the keystore password into the "Keystore" and "Key" boxes.
Note: The only supported paste mechanism is Ctrl + V.
- Click Next.
Note: If you get an error message that says you have an invalid keystore file, it is likely you entered invalid passwords. Retry the password copy and paste process as described above.
- In the "Complete" panel, click Finish.
- Log off of the Console.
- Click Start> Settings> Control Panel> Administrative Tools> Services.
- In the "Services" window, right-click Symantec Endpoint Protection Manager and click Stop.
Note: Do not close the Services window until you are finished with disaster recovery and establish client communications.
- Right-click Symantec Endpoint Protection Manager and click Start.
Note: By stopping and starting Symantec Endpoint Protection Manager, you fully restore the certificate.
-