cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3736
Views
1
Helpful
2
Replies

WSA Certificate Problem

marcio.tormente
Level 4
Level 4

Hello folks!

I'm configure some profiles on the WSA to allow my white list and almost work everything, just one URL show that is not possible to open because the certificate error.

If I take of the proxy works fine, for this reason I believe that is some configuration problem on my WSA.

My configuration Manager is 9.1

Anyone can help?

1 Accepted Solution

Accepted Solutions

Farhan Mohamed
Cisco Employee
Cisco Employee

For some reason, sometimes the WSA has an issue with an intermediate cert/cert chain.  You can upload the intermediate and/or root to clear it up.

Go to the site using a browser that isn't behind the WSA.  Click on the lock in the address bar so it shows you the cert.  View the cert chain and save the intermediate and root certso as base64 files.  Go to the gui on the WSA, Network/Certificate Management/Manage Root Certs and upload these two certs.  

Once uploaded, check the On Cisco List column.  If it says yes you can delete that one...  submit/commit

View solution in original post

2 Replies 2

Farhan Mohamed
Cisco Employee
Cisco Employee

For some reason, sometimes the WSA has an issue with an intermediate cert/cert chain.  You can upload the intermediate and/or root to clear it up.

Go to the site using a browser that isn't behind the WSA.  Click on the lock in the address bar so it shows you the cert.  View the cert chain and save the intermediate and root certso as base64 files.  Go to the gui on the WSA, Network/Certificate Management/Manage Root Certs and upload these two certs.  

Once uploaded, check the On Cisco List column.  If it says yes you can delete that one...  submit/commit

Very helphul information, we have the same issue with Usertrust certificates we added in Manage Root Certs and after commit we are able to see domain without certs problems.

Regards