You see the following error when updating Blue Coat WebFilter (BCWF) using the default URL that uses HTTPS. If you use HTTP, you do not see this error.

Download log:
  Blue Coat download at: 2011/04/11 18:11:53 +0000
  Downloading from https://list.bluecoat.com/bcwf/activity/download/bcwf.db
  Requesting differential update
  Fetching:
    https://list.bluecoat.com/bcwf/activity/download/bcwf.db?installed_version=311010300
      ERROR: Server certificate signed by unknown CA
  Requesting full database
  Fetching:
    https://list.bluecoat.com/bcwf/activity/download/bcwf.db
      ERROR: Server certificate signed by unknown CA
  Download failed

Install the missing CA Certificate and restart the database download:

1. Download the certificate entrust_2048_ca.cer. (It is attached to this article.)
2. Import the certificate into the ProxySG appliance CA Certificates (Configuration > SSL > CA Certificates) and give it the name" entrust_2048_ca".
3. Add the certificate to the browser-trusted list (CA Certificate Lists > Browser-trusted).
4. Apply the configuration changes.
5. Restart the download of the BCWF database and view the download status to make sure that the download is working properly.