Knowledge Base

How to Import the SonicWall DPI-SSL CA certificate into the Windows Certificate store


Before Client DPI-SSL is enabled, the SonicWall Client DPI-SSL CA certificate must be trusted by web applications like browsers. In Windows,  this is done by importing the certificate into the Windows Certificate Store, because most browsers and other applications use the Windows Certificate store.


  1. Download the SonicWall Client DPI-SSL CA certificate from the Client DPI-SSL page.
    1. Login to the firewall.
    2. Navigate to MANAGE | Decryption Services | DPI-SSL/TLS Client.
    3. Click the Certificate tab.
    4. Click the drop down menu and select the certificate that will be used for DPI-SSL and then click download.
  2. Open Microsoft Management Console by typing MMC in Run.
  3. Click on File and select Add/Remove Snap-in.
  4. Click on Certificates and click on Add.
  5. Select Local Machine store.
  6. Select Computer Account and click Next
  7. Click on Finish
  8. Click on OK.
  9. Right-click on Trusted Root CA Certificates folder.
  10. Click on All Tasks and click on Import.
  11. Click Next and browse to the location where the SonicWall DPI-SSL certificate is saved.
  12. Select the certificate and click on Open.
  13. Click on Next and then Finish.
  14. Close the console.