From macOS Big Sur onwards, certificates are properly installed but they cannot be set to Always Trust by default. This will require you to locate the certificate
and manually set it to Always Trust.
Steps
-
After installing the Forcepoint ONE SSE SmartEdge agent on the mac device, open KeyChain Access (the keys icon).
- If the certificate installed is from Windows-Local SE Proxy CA, MacOS-Bitglass CA, then you can search the certificate with the name of your tenant
as the certificate name contains the name of tenant you downloaded it from.
- If the certificate installed is from Windows-Local SE Proxy CA, MacOS-Local SE Proxy CA option, then you can search the certificate with
seproxy.
-
Locate and open the certificate in question (for example, BG_SEProxy_CA certificate). The certificate is added to the keychain when the agent is
installed.
-
Expand Trust and set the When using this certificate field to Always Trust.
-
Close the window.
It will ask you for your admin user password to update settings.
Next steps
Test Antivirus scanning exceptions for SmartEdge Agent using EICAR method to make sure SmartEdge agent driver files
and certificates are excluded from scan.