ArticlesArticles Most Popular ArticlesMost Popular Articles Most Helpful ArticlesMost Helpful Articles
RSS Feeds
DrillDown Icon Table of Contents
DrillDown Icon Home
DrillDown Icon Cyberoam Security Appliances (UTM and NGFW)
DrillDown Icon Common Criteria (EAL4+) Compliant CyberoamOS
DrillDown Icon Version 10.X
DrillDown Icon Migrating to V 10.X
DrillDown Icon Release Notes
DrillDown Icon Guides
DrillDown Icon Virtual Security on the Amazon Cloud
DrillDown Icon Quick Start Guides
DrillDown Icon Cyberoam CA Certificate Management
DrillDown Icon Product Datasheets & Techsheets
DrillDown Icon Version 9.x
DrillDown Icon IPS Release Notes
DrillDown Icon Application Filter Release Notes
DrillDown Icon Cyberoam Migration Assistant Guide
DrillDown Icon Cyberoam Virtual Appliances
DrillDown Icon Cyberoam Central Console
DrillDown Icon Cyberoam's On-Cloud Management Service
DrillDown Icon Cyberoam iView – Logging & Reporting
DrillDown Icon Clients
  Email This ArticlePrint PreviewPrint Current Article and All Sub-Articles
Rate Icon Rate Icon Rate Icon Rate Icon Rate Icon
Cyberoam CA Certificate Management
When SSL content inspection for HTTPS traffic is enabled on Cyberoam, the web browsers prompt a warning message if the Certificate Authority (CA) for the certificate used by the Cyberoam SSL inspection is not known by the browser.  For this, you need to import Cyberoam SSL Proxy certificate in Internet Explorer and Firefox Mozilla for decryption on SSL Inspection. 
Internet Explorer displays the following warning page:


If you click on "Continue to this website (not recommended)", the certificate is temporarily accepted for this connection, but the same message will be prompted at the next connection or when accessing any other HTTPS site.

To avoid any further warning messages, store the Cyberoam root CA permanently. Follow the steps given below to download and install CA Certificate:

Step 1: Download the SSL CA Certificate to your local machine

Go to System à Certificate à Certificate Authority and click on the download icon under Manage column to download the Certificate, as shown below. Save it in your local machine.


Step 2: Install Certificate in Trusted Certification List in your Browser

Internet Explorer
·         On the Menu Bar, click Tools à Internet Options to display the Internet Options window.
·         Select Content tab and, under Certificates section, click Certificates to display Certificates Window.
·         Select Trusted Root Certification Authorities tab and click the Import button to start Certificate Import Wizard.
·         Import the Certificate downloaded in step 2 using this wizard.
·         On the Menu Bar, click Tools à Options to display the Options window.
·         Select Advanced tab under which select Encryption tab. 
·         Click View Certificate to display the Certificate Manager window.
·         Select Authorities tab and click Import.
·         Select the Certificate downloaded in step 2 and click Open
·         In the Downloading Certificate window, select Trust this CA to identify websites and click OK. 

Step 3: Install Certificate in Local Machine’s Trusted Root Authority Container
               ·         Open the Microsoft Management Console by typing "MMC" in the run box.
       ·         Add the certificates Snap-in by selecting FILE à ADD/REMOVE SNAP-IN...
               ·         Select Certificates from the list and click Add to display Certificates Snap-in window.
               ·         Select the Computer Account and click Next.
               ·         Click Finish and close the list of snap-ins.
               ·         Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
               ·         Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks à Import to start Certificate Import Wizard.
               ·         Import the Certificate downloaded in step 2 using this wizard.

If you have not uploaded certificate in your machine, you might not be able to update Micorsoft Windows when HTTPS scanning is enabled on Cyberoam.
Article ID: 300