HTTP > HTTPS Decryption> Settings | Certificate Authority
By default, IWSVA acts as a private Certificate Authority (CA) and dynamically generates
digital certificates that are sent to client browsers to complete a secure passage
for HTTPS connections. However, the default CA is not signed by a well-known (trusted)
CA on the Internet. Client browsers always display a certificate warning every time
users access an HTTPS Web site. Although users can safely ignore the certificate warning,
Trend Micro recommends using a signed root certificate for IWSVA.
Import CA
Use this section to import a CA certificate to IWSVA. Before you start, you should
already have a certificate from a well-known CA.
 |
Note
-
- IWSVA supports certificates using only Base64-encoded certificate and RSA-based
encrypted private key in PEM file format only.
- To stop a certificate warning screen from being displayed on users computers when
accessing a secured Web site, set the certificate as a trusted certificate for all
users.
- Also, add the relative certificates to the Trusted Root Certificate Authorities
list in the appropriate web browser. For IE, go to Tools > Internet Options > Content (tab) > Certificates (button) > Trusted Root Certification
Authorities (tab) > Import (button).
|
-
Certificate—Click Browse to select a certificate file.
-
Private
Key—Click Browse to locate the private key associated with the CA certificate. The private key is
provided together with your certificate from the well-known CA.
-
Passphrase—Type the passphrase if you provided this information when applying for
the CA certificate.
-
Confirm
passphrase—Type the passphrase again.
After you have specified the information, click Import CA.
Export CA
Use this section to export and back up the CA certificate and the associated private
key.
