Cyberoam CA Certificate Management
 
When SSL content inspection for HTTPS traffic is enabled on Cyberoam, the web browsers prompt a warning message if the Certificate Authority (CA) for the certificate used by the Cyberoam SSL inspection is not known by the browser.  For this, you need to import Cyberoam SSL Proxy certificate in Internet Explorer and Firefox Mozilla for decryption on SSL Inspection. 
  
Internet Explorer displays the following warning page:
 

 


If you click on "Continue to this website (not recommended)", the certificate is temporarily accepted for this connection, but the same message will be prompted at the next connection or when accessing any other HTTPS site.

To avoid any further warning messages, store the Cyberoam root CA permanently. Follow the steps given below to download and install CA Certificate:
 

Step 1: Download the SSL CA Certificate to your local machine

Go to System à Certificate à Certificate Authority and click on the download icon under Manage column to download the Certificate, as shown below. Save it in your local machine.

 



Step 2: Install Certificate in Trusted Certification List in your Browser

Internet Explorer
 
·         On the Menu Bar, click Tools à Internet Options to display the Internet Options window.
·         Select Content tab and, under Certificates section, click Certificates to display Certificates Window.
·         Select Trusted Root Certification Authorities tab and click the Import button to start Certificate Import Wizard.
·         Import the Certificate downloaded in step 2 using this wizard.
 
Firefox
 
·         On the Menu Bar, click Tools à Options to display the Options window.
·         Select Advanced tab under which select Encryption tab. 
·         Click View Certificate to display the Certificate Manager window.
·         Select Authorities tab and click Import.
·         Select the Certificate downloaded in step 2 and click Open
·         In the Downloading Certificate window, select Trust this CA to identify websites and click OK. 
 


Step 3: Install Certificate in Local Machine’s Trusted Root Authority Container
               ·         Open the Microsoft Management Console by typing "MMC" in the run box.
       ·         Add the certificates Snap-in by selecting FILE à ADD/REMOVE SNAP-IN...
               ·         Select Certificates from the list and click Add to display Certificates Snap-in window.
               ·         Select the Computer Account and click Next.
               ·         Click Finish and close the list of snap-ins.
               ·         Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
               ·         Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks à Import to start Certificate Import Wizard.
               ·         Import the Certificate downloaded in step 2 using this wizard.

Note:
 
If you have not uploaded certificate in your machine, you might not be able to update Micorsoft Windows when HTTPS scanning is enabled on Cyberoam.