Anytime I browse an HTTPS site when the HTTPS scanning is on I get the "There is a problem with this sites security certificate" error. Attached is a screenshot showing this in greater detail.
To "repair" the chain of trust when using HTTPS scanning, the client browser must trust the "Signing CA" of the proxy. This CA can be managed at "HTTP/S Proxy".
Three options are available to get the public "Signing CA" certificate installed into the client browsers (or in the case of IE, Window's certificate management):
b) Download the "Signing CA" in PEM format in WebAdmin (HTTP/S Proxy -> HTTPS CAs), then distribute it to clients using AD group policies (good for MS shops).
c) Have clients visit the End User Portal. It has a new menu entry "HTTPS proxy" which features a single button to install the "Signing CA".
Yeah, I tried it... still have problems, but Tom has a PM with the details... may be a bug with something other than the certificate itself... good to know about the end-user portal option.
So is this not working properly? When I tried this procedure it seemed to work. The issue is that after I do it I can no longer get back into the webadmin while https proxy is on and I use the proxy. I keep getting this.
(Error code: ssl_error_bad_cert_domain
I accept the cert but can't login into the webadmin. I than have to turn the proxy off on the browser to get into webadmin.
