The keyring selected in the “SSL proxy” settings (Configuration > Proxy Settings > SSL Proxy) is the default keyring. It is used if no other keyring is selected in policy under the SSL interception layer.

If a default keyring is not selected, the keyring selected in policy takes precedence and is used for SSL interception.