Enabling SSL decryption
SSL (Secure Sockets Layer) is the industry standard for transmitting secure data over the Internet. It is based on a system of trusted certificates issued by certificate authorities and recognized by servers.
When you enable SSL decryption for your end users, SSL-encrypted traffic is decrypted, inspected, and then re-encrypted before it is sent to its destination. This enables the cloud proxy to serve the correct notification page to the user. For example, a block page if the SSL site is in a category that the end user is prevented from accessing, or the Pre-logon welcome page for authentication.
To implement SSL decryption for your end users, you need a root certificate on each client machine that acts as a Certificate Authority for SSL requests to the cloud proxy.
To install the root certificate for your end users and enable notification pages for SSL sites: