Managing HTTPS inspection settings
Prerequisites
- Make sure that your client devices trust the HTTPS interception certificate.
- To configure your Smoothwall Filter and Firewall to use your Google account as a directory, see our knowledge base article, Configuring Your Smoothwall Filter and Firewall to Use Your Google Account as a Directory and Apply Your Filter Policies to Your Chromebook Devices.
Procedures
Notes:
- If you make use of a centrally managed Smoothwall configuration, you must make sure that the parent node's HTTPS interception certificate is installed and set on all child nodes. This is important for configurations that replicate MITM certificates.
- Clearing the cached certificates results in a full restart of the web filter. All the Smoothwall Filter services are halted for a few minutes. Therefore, we recommend that you do this during a quiet time.
- On the GUARDIAN menu, under the HTTPS inspection submenu, click Settings.
- Under the Manage HTTPS interception certificates section:
- To change the SSL certificate used to sign for certificates, from the Certificate Authority list, choose the relevant certificate.
- To create a new certificate, click Create and manage certificates.
- To download the root certificate authority used to sign this certificate, click Export.
- To clear the cache of certificates generated for use with HTTPS inspection policies, click Clear and restart.
- To change the SSL certificate used to sign for certificates, from the Certificate Authority list, choose the relevant certificate.
- Under the Manage HTTPS interception warning section:
- To set up a warning message:
- Type the Warning message that you want to display.
- Type the text that you want to appear on the Confirmation button label that your users need to click to close the message and proceed.
- From the Warning frequency list, choose how often to show the warning message to the user.
- To set up a warning message:
- Under the Manage HTTPS interception certificates section:
- Click Save.
Follow-up tasks
- Distribute the HTTPS certificate to all Chromebooks by adding the HTTPS certificates to your Google Admin Console, see our knowledge base article, Configuring Your Smoothwall Filter and Firewall to Use Your Google Account as a Directory and Apply Your Filter Policies to Your Chromebook Devices.