Cisco Cisco Web Security Appliance S170 Guia Do Utilizador
10-17
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 10 Decryption Policies
Decrypting HTTPS Traffic
problem with the website’s security certificate. Usually, the error message says
that the website’s security certificate was not issued by a trusted certificate
authority or the website was certified by an unknown authority. Some other client
applications do not show this warning message to users nor allow users to accept
the unrecognized certificate.
that the website’s security certificate was not issued by a trusted certificate
authority or the website was certified by an unknown authority. Some other client
applications do not show this warning message to users nor allow users to accept
the unrecognized certificate.
Note
You can also upload an intermediate certificate that has been signed by a root
certificate authority. When the Web Proxy mimics the server certificate, it sends
the uploaded certificate along with the mimicked certificate to the client
application. That way, as long as the intermediate certificate is signed by a root
certificate authority that the client application trusts, the application will trust the
mimicked server certificate, too. You might want to upload an intermediate
certificate if your organization uses its own root certificate authority, but does not
want to upload the root certificate to the Web Security appliance for security
reasons.
certificate authority. When the Web Proxy mimics the server certificate, it sends
the uploaded certificate along with the mimicked certificate to the client
application. That way, as long as the intermediate certificate is signed by a root
certificate authority that the client application trusts, the application will trust the
mimicked server certificate, too. You might want to upload an intermediate
certificate if your organization uses its own root certificate authority, but does not
want to upload the root certificate to the Web Security appliance for security
reasons.
shows an example error message when a users sends an
HTTPS request through Netscape Navigator.
Figure 10-5
Unknown Certificate Authority Error Message