How to Enable HTTPS Decryption
Right after installation the Web Filtering Proxy runs in normal non decrypting mode. To enable the HTTPS decryption and filtering follow these steps. See a short screencast video below.
Step 1. Generate Root CA Certificate
With HTTPS decryption in place the proxy acts as trusted third party for the browsers and imitates the site certificates on the fly. To be able to do that the proxy must be configured with the Root CA certificate and private key. To generate your own RootCA open Admin UI / Proxy Settings, select the HTTPS Decryption tab and click the Generate button.
Step 2. Enable Decryption in Policy
To enable the HTTPS decryption for a given policy, select the policy in the policy list, click on Configure Settings and choose the Decryption tab. Select the decryption mode and save settings.
Step 3. Install Decryption Certificate in Browsers
Finally to install the decryption certificate as trusted, navigate to
C:\ProgramData\Diladele\WebFilteringProxy\etc folder and double click on the myca.der file for the Root CA installation. After successful installation the browser will trust the proxy and will be filtered.
The outlined steps are described in more details in the following YouTube video.