When Web Traffic Redirection (WTR) is enabled on the Symantec Endpoint Protection (SEP) client will website certificates be replaced with those used by Symantec to facilitate the web redirection?
We do not replace website certificates with our own. In order to decrypt SSL traffic we do install root certificates on the local machine as a means to review traffic when sent through the Web Security Services (WSS) pods. SEP makes use of a Local Proxy Service that is used to redirect web traffic to the WSS pods and back to the web browser on the local machine.
See About Scanning Encrypted Traffic for more information on WSS SSL Interception.