Upload an internal CA for outbound protection
This task discusses how you can optionally upload an internal certificate authority when you create a decryption rule that protects outbound connections. You can also perform these tasks using as discussed in Uploading a Signed Certificate Issued in Response to a CSR.
Before you begin
Make sure you understand the requirements for generating an internal certificate authority object as discussed in Internal Certificate Authority Objects.
Procedure
Step 1 | From the Internal CA list, click . |
Step 2 | Give the internal CA a Name. |
Step 3 | Paste or browse to locate the certificate and its private key in the provided fields. |
Step 4 | If the CA has a password, select the Encrypted check box and enter the password in the adjacent field. |
Step 5 | Continue creating the policy as discussed in Create a rule-based decryption policy with outbound connection protection. |