06-28-2018 06:15 AM - edited 03-08-2019 07:45 PM
Hi Guys,
I have two WSA S170 and i want to enable HTTPS proxy, but i don't have root certificate. My question is how can i get a root certificate and how can i uses the certificate to enable HTTPS proxy
Thanks
Ermias
06-28-2018 06:19 AM
06-28-2018 07:52 AM
Assuming you're a Microsoft shop, you can spin up a VM and install the Certificate Authority role as an Enterprise CA. That will put the ROOT of the CA in your AD, and replicate it to your workstations. Then from the CA issue a subordinate CA cert and use that on your WSAs.
OR
Use the demo certs that came with one of the WSAs. Download them, and then add the to a group policy as a "Trusted Root" cert and make sure all of your machines get it.
Some resources:
Steps to configure HTTPS Proxy and CSR Option on Web Security Appliance: https://www.youtube.com/watch?v=1g_96XYnkz4&feature=youtu.be
Steps to enable HTTPS proxy on (WSA) & Uploading Root/Intermediate certificate option.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: