Upload an Internal CA for Outbound Protection
This task discusses how you can optionally upload an internal certificate authority when you create a decryption rule that protects outbound connections. You can also perform these tasks using as discussed in Uploading a Signed Certificate Issued in Response to a CSR.
Before you begin
Make sure you understand the requirements for generating an internal certificate authority object as discussed in Internal Certificate Authority Objects.
Procedure
Step 1 | Log in to CDO if you haven't already done so. |
Step 2 | Click . |
Step 3 | Click Create Decryption Policy. |
Step 4 | Enter a name for the policy in the Name field and an optional description in the Description field. |
Step 5 | Click the Outbound Connections tab. |
Step 6 | From the Internal CA list, click . |
Step 7 | Give the internal CA a Name. |
Step 8 | Paste or browse to locate the certificate and its private key in the provided fields. |
Step 9 | If the CA has a password, select the Encrypted check box and enter the password in the adjacent field. |
Step 10 | Continue creating the policy as discussed in Create a Decryption Policy with Outbound Connection Protection. |