Technical Library
|
Support
Working With Encrypted Data
> Internal Root CA
Internal Root CA
Help | Content Gateway | Version 8.1.x
The internal Root CA dynamically generates all certificates used between the client browser and Content Gateway.
You must have an internal Root CA to complete an inbound connection.
You can either import or create the internal Root CA.
The internal Root CA is stored in the SSL configuration database.
Important
Back up the existing internal Root CA before importing or creating a new one. This enables you to return to an earlier version, if necessary. See
Backing up your internal Root CA
for details.
Only one internal Root CA can be active at a time.
Important
The default internal Root CA that is included with Content Gateway is not unique and should not be used in a production environment.
Replace the default internal Root CA with your organization's Root CA or create a new one. See the sections that follow.
There are three options for creating an internal Root CA:
Leverage an existing corporate CA and import it into Content Gateway. See
Importing your Root CA
.
Create a new Root CA and make that CA available to browsers. See
Creating a new Root CA
.
Create a subordinate CA. This leverages a corporate CA, but can also be revoked by the corporate CA. See
Creating a subordinate CA
.
Working With Encrypted Data
> Internal Root CA
Copyright 2016 Forcepoint LLC. All rights reserved.