SSL Inspection Advanced
Quantum Spark 1500, 1600 and 1800 Appliance Series R80.20.40 Locally Managed Administration Guide | 197
SSL Inspection Advanced
To enable SSL web traffic inspection, you must first establish trust between the clients and the gateway.
An important part of the HTTPS inspection support is the validation of the server's certificate. This requires
validating the signing CA of the server certificates.
On the SSL Inspection Advanced page, you can manage trusted certificate authorities. The gateway has a
built-in predefined list of trusted CAs, based on the Mozilla/LibCurl Trusted CA list. Only a server certificate
signed by one of those CAs is recognized as a valid certificate. The table shows the list of trusted CAs.
Trusted CA types:
n
Default from the gateway - These CAs can be disabled but not deleted.
n
Added by user - These CAs can be deleted.
To add a CA manually to the trusted CA list:
1. Click Add.
The Add a Trusted CA window opens.
2. Click Browse to select a trusted CA file.
3. Optional - Click Preview to view the CA.
4. Click Apply.
To delete a trusted CA:
1. Click the icon next to the CA.
2. Click Delete.
Note - You can only delete a CA that was added by a user.
To disable/enable a trusted CA:
1. Click the icon next to the CA.
2. Click Disable/Enable.
To Next Page
Loading...
Need help?
General
