
Sophos Firewall: Make your HTTPS CA available for download in the Captive Portal (and elsewhere)

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.



    Overview

    This recommended read describes how to make the HTTPS scanning CA certificate available for download from the Captive Portal by base64-encoding it and embedding it in a 'data' URI.

    Configuration Steps

    Step 1. Download a copy of your SSL CA file from the Sophos Firewall. (Note: If you're using the built-in CA, it’ll be saved as the file 'SecurityAppliance_SSL_CA.pem'.)

    Step 2. Encode the whole file using base64 and output it as a single line.

    On a Mac or a Linux system, you can do this by running: $ base64 SecurityAppliance_SSL_CA.pem | tr -d '\n'

    Step 3. Go to Authentication > Web authentication > Captive portal appearance. In the Login Page Footer HTML text box, paste the following three pieces one after another, with no spaces or line breaks between them:

    •  A. <a href='data:application/x-x509-ca-cert;base64,

    Now, copy and paste the output of the command in step 2.

    •  B. '>Download HTTPS certificate authority</a><p>By doing this, you consent to allow your HTTPS web traffic to be decrypted and scanned for security purposes</p>

    Step 4. Click 'Preview' to see what it looks like, and check that the file downloads correctly when you click the link.

    Step 5. Click Apply to save.
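
Steps 2 and 3 can be scripted. The following is an added example, not part of the original article or any Sophos tooling: a shell function (the name make_footer is hypothetical) that builds the complete footer HTML from the downloaded PEM file. It refuses a file that has no certificate in it or that contains a private key, because the footer is served to clients before they authenticate.

```shell
#!/usr/bin/env bash
# Added example: build the Login Page Footer HTML from a CA certificate PEM.
# make_footer is a hypothetical helper name, not a Sophos command.

make_footer() {
    pem="$1"

    # Refuse missing or unreadable input.
    [ -r "$pem" ] || { echo "cannot read $pem" >&2; return 1; }

    # The file must contain a certificate ...
    grep -q -- '-----BEGIN CERTIFICATE-----' "$pem" \
        || { echo "$pem: no certificate found" >&2; return 2; }

    # ... and must never contain key material: everything embedded in the
    # footer can be downloaded by any client that reaches the portal.
    if grep -q -- 'PRIVATE KEY-----' "$pem"; then
        echo "$pem: contains a private key, refusing" >&2
        return 3
    fi

    # Step 2: base64 the whole file as one line (tr strips line wrapping).
    b64=$(base64 < "$pem" | tr -d '\n')

    # Step 3: part A + encoded file + part B, emitted as a single line.
    printf "<a href='data:application/x-x509-ca-cert;base64,%s'>Download HTTPS certificate authority</a>" "$b64"
    printf '<p>By doing this, you consent to allow your HTTPS web traffic to be decrypted and scanned for security purposes</p>\n'
}

# When run as a script: ./make_footer.sh SecurityAppliance_SSL_CA.pem
if [ "$#" -gt 0 ]; then
    make_footer "$1"
fi
```

Paste the single line it prints into the Login Page Footer HTML box, then continue with the Preview check in step 4.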




    Revamped RR
    [edited by: Erick Jan at 12:24 AM (GMT -7) on 10 Oct 2024]