Using SSL for secure administration

Forcepoint Web Security uses the Secure Sockets Layer protocol (SSL) to protect administrator communication with the Content Gateway manager. SSL security provides authentication of both ends of a network connection using certificates, and provides privacy using encryption.

Administrators can optionally replace the Forcepoint-provided certificate with a custom certificate.

To do this:

Steps

  1. Obtain an SSL certificate from a recognized certificate authority (for example, VeriSign) or, if you use Active Directory Certificate Services, generate a certificate using Certificate Services and a script provided with your Content Gateway software. (See Creating an SSL Certificate for Content Gateway manager with Active Directory Certificate Services).
  2. Install the certificate in the Content Gateway config directory (/opt/WCG/bin).
    Either rename the certificate to the default filename (private_key.pem), or specify the name of the certificate in the Content Gateway manager.
  3. If you have used a name other than the default, log on to the Content Gateway manager and navigate to the Configure > My Proxy > UI Setup > General tab.
    The HTTPS option is enabled by default.
  4. In the Certificate File field, specify the filename of the SSL certificate.
  5. Click Apply.