Sophos UTM's Web Protection with HTTPS scanning requires clients to trust the Certification Authority used to re-encrypt the page after the scanning. This article explains how to install the UTM's Certificate Authority (CA) on Microsoft Windows. The following sections are covered:
Applies to the following Sophos products and versions Sophos UTM
Sophos UTM's Web Protection with HTTPS scanning requires clients to trust the Certification Authority used to re-encrypt the page after the scanning.
Navigate to Web Protection > Filtering Options > HTTPS CAs in the Signing CA section click Download. A new frame appears, select the option PEM under Export as and click Download.
The CA is now installed in the computer(s), however, please note not all programs use the Windows Certificate Archive and therefore may not trust the CA even if it's installed, for those programs manual steps or additional configuration may be required, please consult with the manufacturer for instructions.
To confirm the CA is installed and trusted, use Internet Explorer and not third-party programs such as Firefox, that is does not use the Windows Certificate Archive by default.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.