Cisco Cisco Web Security Appliance S190 Guía Del Usuario
22-25
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 22 Perform System Administration Tasks
Certificate Management
Certificate Management
The appliance uses digital certificates to establish, confirm and secure a variety of connections. The
Certificate Management page lets you view and update current certificate lists, manage trusted root
certificates, and view blocked certificates.
Certificate Management page lets you view and update current certificate lists, manage trusted root
certificates, and view blocked certificates.
Related Topics
•
•
•
•
About Certificates and Keys
When a browser prompts its user to authenticate, the browser sends the authentication credentials to
the Web Proxy using a secure HTTPS connection. By default, the Web Security appliance uses the
“Cisco Web Security Appliance Demo Certificate” that comes with it to create an HTTPS connection
with the client. Most browsers will warn users that the certificate is not valid. To prevent users from
seeing the invalid certificate message, you can upload a certificate and key pair that your applications
recognize automatically.
the Web Proxy using a secure HTTPS connection. By default, the Web Security appliance uses the
“Cisco Web Security Appliance Demo Certificate” that comes with it to create an HTTPS connection
with the client. Most browsers will warn users that the certificate is not valid. To prevent users from
seeing the invalid certificate message, you can upload a certificate and key pair that your applications
recognize automatically.
Related Topics
•
•
•
Managing Trusted Root Certificates
The Web Security appliance ships with and maintains a list of trusted root certificates. Web sites with
trusted certificates do not require decryption.
trusted certificates do not require decryption.
You can manage the trusted certificate list, adding certificates to it and functionally removing certificates
from it. While the Web Security appliance does not delete certificates from the master list, it allows you
to override trust in a certificate, which functionally removes the certificate from the trusted list.
from it. While the Web Security appliance does not delete certificates from the master list, it allows you
to override trust in a certificate, which functionally removes the certificate from the trusted list.
To add, override or download a trusted root certificate:
Step 1
Choose Network > Certificate Management.
Step 2
Click Manage Trusted Root Certificates on the Certificate Management page.
Step 3
To add a custom trusted root certificate with a signing authority not on the Cisco-recognized list:
Click Import and then browse to, select, and Submit the certificate file.
Step 4
To override the trust for one or more Cisco-recognized certificates:
a.
Check the Override Trust checkbox for each entry you wish to override.
b.
Click Submit.