Cyberoam Certificate Installation Guide

     Cyberoam Certificate Installation Guide

When SSL content inspection for HTTPS traffic is enabled on Cyberoam, the web browsers prompt a warning message if the Certificate Authority (CA) for the certificate used by the Cyberoam SSL inspection is not known by the browser. For this, you need to import Cyberoam SSL Proxy certificate in Internet Explorer and Firefox Mozilla for decryption on SSL Inspection.
All Cyberoam appliances are shipped with a unique SSL CA Certificate which is used in HTTPS Deep Scan Inspection. This article describes how you can download Cyberoam’s SSL CA Certificate and install it in your local browser and machine

Note:

Cyberoam also provides an option to regenerate the CA Certificate when required.

Configuration

To download and install the Certificate in your browser and local machine, follow the steps given below.

Step 1: Download the Certificate to your local machine

Go to System > Certificate > Certificate Authority and click on the download icon Download icon   under Manage column to download the Certificate, as shown below. Save it in your local machine.

Cyberoam Certificate

Step 2: Install Certificate in Trusted Certification List in your Browser

 

Internet Explorer

  • On the Menu Bar, click Tools > Internet Options to display the Internet Options window.
  • Switch to Content tab and, under Certificates section, click Certificates to display Certificates Window.
  • Switch to Trusted Root Certification Authorities tab and click the Import button to start Certificate Import Wizard.
  • Import the Certificate downloaded in step 1 using this wizard.

 

Firefox

  • On the Menu Bar, click Tools > Options to display the Options window.
  • Switch to Advanced tab under which select Encryption tab.
  • Click View Certificate to display the Certificate Manager window.
  • Switch to Authorities tab and click Import.
  • Select the Certificate downloaded in step 1 and click Open.
  • In the Downloading Certificate window, select Trust this CA to identify websites and click OK.

 

Google Chrome

  • On the right corner of the Address Bar, click on Chrome Tools button and click Settings.
  • Click Show advanced settings… and scroll down to HTTPS/SSL.
  • Click Manage Certificates… to display the Certificates window.
  • Switch to Trusted Root Certification Authorities tab and click the Import button to start Certificate Import Wizard.
  • Import the Certificate downloaded in step 1 using this wizard.

 

Safari

  • Download the SSL CA Certificate as shown in step 1.
  • Once downloaded, double-click the Certificate. This launches Keychain Access and displays Certificate Not Trusted Warning.
  • Click Always Trust to import the certificate into login keychain.

 

Opera

  • Click the Opera button on the top left corner of the screen and click Settings.
  • Switch to Privacy & Security tab.
  • Under HTTPS/SSL, click Manage Certificates…to display the Certificates window.
  • Switch to Trusted Root Certification Authorities band click the Import button to start Certificate Import Wizard.
  • Import the Certificate downloaded in step 1 using this wizard.
Step 3: Install Certificate in Local Machine’s Trusted Root Authority Container
Windows
  • Open the Microsoft Management Console by typing “MMC” in the run box.
  • Add the certificates Snap-in by selecting FILE à ADD/REMOVE SNAP-IN…
  • Select Certificates from the list and click Add to display Certificates Snap-in window.
  • Select the Computer Account and click Next.
  • Click Finish and close the list of snap-ins.
  • Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
  • Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks à Import to start Certificate Import Wizard.
  • Import the Certificate downloaded in step 2 using this wizard.

Macintosh

  • Download the SSL CA Certificate as shown in step 1.
  • Once downloaded, double-click the Certificate. This launches Key chain Access and displays Certificate Not Trusted Warning.
  • Click Always Trust to import the certificate into login key chain.