Skip to content

How to Generate Secure Proxy Certificate using Admin UI

In order to generate the secure proxy certificate using the Admin UI, open the Proxy Settings menu in Admin UI / Web Filtering Proxy section and click on the Proxy Settings node as indicated on the following screenshots.

Proxy Settings

Select the Secure Proxy setting and click on the Generate button.

Network Settings for Secure HTTPS Proxy

The Admin UI will the try to determine the fully qualified domain name of the proxy machine as well as its IP addresses. It will then use this information to generate the secure proxy certificate on the fly and sign this certificate using the existing Root CA. The idea here is that as you are going to setup HTTPS decryption anyway - and if a browser trusts the proxy for imitating the site certificates - it seems also logical to imitate the secure proxy certificate too.

So read and understand the warning and click Yes.

Secure Proxy Generation Warning

Properties of the generation certificate will be displayed in the Admin UI.

Verify Common Name

It is very important to verify that the Common Name of the imported certificate matches the fully qualified domain name of the machine where Web Filtering Proxy is deployed. Wrong common name will prevent the browser from connecting to secure proxy.

Do not forget to restart the Web Filtering Proxy service in order for the changes to be applied.