Recreating Forcepoint DLP certificates

The Modify menu includes an option to re-certify the server. This is not recommended except in the case of an extreme security breach. When security certificates are recreated:

  • All agents and servers must re-register (see Re-registering Forcepoint DLP components for instructions).
  • All agents and servers must repeat the Reestablish Connection process.
  • All endpoint clients must be reinstalled. This requires the following steps:
    1. Uninstall the existing endpoint software.
    2. Create a new endpoint package (the existing package cannot be reused).
    3. Use SMS or a similar mechanism to install the new package on the endpoints.

      See Installing and Deploying Endpoint Clients for more information on uninstalling endpoints.

When it first authenticates, the management server trades certificates with the other servers and endpoints in the network.

To re-run the security communication between Forcepoint DLP components:

  1. Start the Forcepoint Security Installer:
    • If extracted installation files were saved, select Forcepoint Security Setup from the Windows Start screen or the Forcepoint folder in the Start menu.
    • If the shortcut does not exist, double-click the installer executable.
  2. In the Modify Installation dashboard, click the Modify link for Forcepoint DLP.
  3. In the installation wizard, select Modify.
  4. On the Recreate Certificate Authority screen, select Recreate Certificate Authority.
  5. Complete the installation wizard as prompted.