To import an approved CA certificate:
- Copy the certificate which was saved from the client browser in PEM format to the clipboard.
- Select Configuration > SSL > CA Certificates > CA Certificates.
- Click Import.
- Name the certificate.
- Paste the signed CA Certificate into the Import CA Certificate field.
- Click OK.
- Select Configuration > SSL > CA Certificates > CA Certificate Lists -> browser-trusted.
- Click Edit.
- Select the newly added CA certificate on the left and then click ADD>>.
- Click OK and apply the changes.
To view a CA certificate:
- Select Configuration > SSL > CA Certificates > CA Certificates.
- Select the certificate you want to view.
- Click View. Examine the contents and click Close.
To delete a CA certificate:
- Select Configuration > SSL > CA Certificates > CA Certificates.
- Select the certificate to delete.
- Click Delete.
- Click OK.
Note: Spaces in CA Certificate names are not supported. Including a space can cause unexpected errors while using such certificates.
-----------------------------------------------------------------------------------------------------
Steps for saving CA certificate from Firefox, as an example :
- After going to an HTTPS site, click on the 'lock' icon on the right bottom of the browser.
- Click View Certificate ->Details.
- Select the CA certificate under Certificate Hierarchy.
- Click Export and save it as X.509 Certificate (PEM).
- Open the Saved file in a text editor and copy the certificate including both the --BEGIN CERTIFICATE--and --END CERTIFICATE-- lines to the clipboard.
- Now, the follow the steps mentioned above under "Importing a CA Certificate to the proxy."
Note: Depending on the Web browser versions, the above steps could vary.