About certificate authorities

Each network device is given a certificate to prove its identity and, in some cases, allow it to issue other certificates.

Certificates contain two parts:

  • A Public key that can be safely and securely shared.
  • A Private key held only by the device to identify it according to the public key.

Certificates that can issue other certificates are known as Certificate Authorities. Certificate Authorities can create and sign for other certificates using their own private keys to verify that the signed certificate is trusted.

When the Smoothwall Filter is configured to intercept SSL traffic, certificates must be validated. This is done by checking them against the list of installed Certificate Authorities (CA).

Your Smoothwall comes installed with open source certificates issued by well-known and trusted external Certificate Authorities.

Default Certificate Authorities

You can use a default Certificate Authority as the Certificate Authority used by services specified on the Certificates for services page. Any intermediate certificates or Certificate Authorities are created and managed automatically, creating a single continuous chain of trust. This simplifies the certificate management process by allowing you to only export the one Certificate Authority and import just that to all client devices.

On first startup, if a default Certificate Authority doesn't exist, it's created automatically. Alternatively, you can manually create or import one.