06-28-2018 06:15 AM - edited 03-08-2019 07:45 PM
Hi Guys,
I have two WSA S170 and i want to enable HTTPS proxy, but i don't have root certificate. My question is how can i get a root certificate and how can i uses the certificate to enable HTTPS proxy
Thanks
Ermias
06-28-2018 06:19 AM
06-28-2018 07:52 AM
Assuming you're a Microsoft shop, you can spin up a VM and install the Certificate Authority role as an Enterprise CA. That will put the ROOT of the CA in your AD, and replicate it to your workstations. Then from the CA issue a subordinate CA cert and use that on your WSAs.
OR
Use the demo certs that came with one of the WSAs. Download them, and then add the to a group policy as a "Trusted Root" cert and make sure all of your machines get it.
Some resources:
Steps to configure HTTPS Proxy and CSR Option on Web Security Appliance: https://www.youtube.com/watch?v=1g_96XYnkz4&feature=youtu.be
Steps to enable HTTPS proxy on (WSA) & Uploading Root/Intermediate certificate option.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide