Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Web Security Appliance S170
221222223224225226227228229230
ENABLING HTTPS SCANNING
CHAPTER 10: DECRYPTION POLICIES 199
c. In the Generate Certificate and Key dialog box, enter the information to display in
the root certificate.
Note — You can enter any ASCII character except the forward slash ( / ) in the
Common Name field.
d. Click Generate. The Web Security appliance generates the certificate with the data
you entered and generates a key.
The generated certificate information is displayed on the Edit HTTPS Proxy Settings
page.
Note — After you generate the certificate and key, you can download the
generated certificate to transfer it to the client applications on the network. Do this
using the Download Certificate link in the generated key area.
e. Go to step 8 on page 200.
7. To upload a root certificate and key:
a. Click Use Uploaded Certificate and Key.
b. Click Browse for the Certificate field to navigate to the certificate file stored on the
local machine.
If the file you upload contains multiple certificates or keys, the Web Proxy uses the
first certificate or key in the file.
Note — The certificate file must be in PEM format. DER format is not supported.
c. Click Browse for the Key field to navigate to the private key file. The private key
must be unencrypted.
Note — The key length must be 512, 1024, or 2048 bits. Also, the private key file
must be in PEM format. DER format is not supported.
d. Click Upload Files to transfer the certificate and key files to the Web Security
appliance.
The uploaded certificate information is displayed on the Edit HTTPS Proxy Settings
page.