|Install Self-Signed Certificate Authority on Client Endpoint for SSL Bumping in Forward Proxy
|9/15/2022 - Cloudmersive Support
When implementing SSL Bumping (which is recommended) in Cloudmersive Forward Proxy Server, you will need to install the self-signed certificate authority root certificate in the trust store of your client machines to establish the necessary chain of trust. This article applies if you are using the option to automatically generate the self-signed certificate.
Windows and Windows Server
- Navigate to the Cloudmersive Management Portal to download the self-signed certificate. Click on Private Cloud and then click on the relevant Forward Proxy Server node. Click on Configure Node, and then click on Manage next to the Endpoint you have previously installed. Scroll down to Certificates and click on Manage next to the most recent certificate in the Auto-Generated Certificates section. Click on Download Root Certificate to download the certificate in PFX format. Make note of the PFX File Password - this password is needed to import the encrypted certificate file.
- Click on your Start button and type
mmc and press enter.
- Click on File - Add/Remove Snap-In
- Click on Certificates and click on Add, when prompted choose
Computer Account, then Finish, then click OK
- Expand Console Root, then Certificates, then Trusted Root Certification Authorities, then Certificates. Then click on More Actions > All Tasks > Import. Click on Next. Click on Browse, then in the file type dropdown choose
Personal Information Exchange and then choose the PFX file downloaded in Step 1 above. Click Next and enter the password provided in Step 1 and complete the import process.
Microsoft Edge Browser
Microsoft Edge Browser will automatically trust the above-configured Trusted Root Certification Authorities.
Firefox does not automatically trust the above-configured Trusted Root Certification Authorities, and so will require additional steps:
- In the address bar enter
- Set the preference
- Restart Firefox
Google Chrome will automatically trust the above-configured Trusted Root Certification Authorities.