Adding a Root Authority Certificate

Important
Retrieving certificates from HTTPS sites can be difficult when HTTPS scanning is enabled, as the Web Appliance will provide its own certificate in place of the remote one. Turn HTTPS scanning off on the Configuration > Global Policy > HTTPS Scanning page to be able to download any certificate other than the Sophos-generated certificate. Be sure to turn HTTPS scanning back on once you are done.
  1. Click Browse, and navigate to the certificate file that you want to add.

    Only PEM format certificates are accepted by the Web Appliance.

    To download the certificate needed:
    1. Open the website's certificate information in your browser and look for the Issuer field.

      This field lists the URL of the authority that signed the certificate.

    2. Go to the website of that authority. Find and download the authority's certificate that signed the website's certificate.
    3. If intermediate certificates are involved, these must also be downloaded and added.
  2. Once the path and filename are shown in the text box, click Add.

    The selected certificate is added to the certificate list.