Certificates
HTTPS security revolves around certificates. A certificate must meet 3 criteria:
- It must be current (not expired or revoked). See Validating certificates.
- It must be issued by a trusted CA (certificate authority). See Managing certificates
- The URL and the certificate owner must match. See Configuring validation settings.
HTTPS connections between the client browser and Content Gateway require a certificate issued by an internal CA. See Internal Root CA.
Connections between Content Gateway and the origin server require a certificate signed by one of the certificate signing authorities listed in the Certificate Authority Tree on the
tab. See Managing certificates.