WSA with public Certificate error

Ali mosbah Abdo · ‎10-25-2015

hi all,

i purchase a new certificate from public certificate authority , but when i try to upload the certificate with the key i get this error:

Error

—

Certificate upload failed. The certificate file appears to be a server certificate. A signing certificate is required.

really i am confused with the certificate should i use with WSA 2048 bit.

please any help

BR

Atazazuddin Shaikh · ‎10-26-2015

Ali

Thanks for reaching out, Enclosing a quick videos that provides details steps for current supported options for "certificates" on WSA.

1. https://www.youtube.com/watch?v=1g_96XYnkz4

2. https://supportforums.cisco.com/video/11932521/steps-enable-https-proxy-wsa-uploading-rootintermediate-

certificate-option

Regards,

Zack

Felipe Guimaraes · ‎10-26-2015

Hello,

You need to provide a root certificate, that means, a certificate that can sign a connection, because WSA for https acts as a man in the middle, it will open a https stream, will inspect the contents and will re-encrypt with this certificate, because of course the site owners will not provide their private key.

Handy Putra · ‎10-27-2015

Hi Ali,

Another more information on what WSA uses for HTTPS proxy certificate, please see below document:

http://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117792-technote-wsa-00.html

It will also advised the different between server certificate and root signed certificate that WSA require.