Certificates

HTTPS security revolves around certificates. A certificate must meet 3 criteria:

  • It must be current (not expired or revoked). See Validating certificates.
  • It must be issued by a trusted CA (certificate authority). See Managing certificates
  • The URL and the certificate owner must match. See Configuring validation settings.

HTTPS connections between the client browser and Content Gateway require a certificate issued by an internal CA. See Internal Root CA.

Connections between Content Gateway and the origin server require a certificate signed by one of the certificate signing authorities listed in the Certificate Authority Tree on the Configure > SSL > Certificates > Certificate Authorities tab. See Managing certificates.