How can I manually import the Client DPI-SSL CA certificate into Firefox?

12/20/2019 1,169 People found this article helpful 490,171 Views

Description

To avoid certificate trust errors and to enable the re-signing certificate authority to successfully re-sign certificates, browsers must trust this certificate authority. Such trust can be established by having the re-signing certificate imported into the browser's trusted CA list. Internet Explorer, Chrome, Opera uses the Windows Certificate store to build trust. Mozilla Firefox uses its own certificate store and the CA certificate must be manually imported into the Firefox certificate store. This article describes the process of manual import of the SonicWall DPI-SSL CA certificate into Mozilla Firefox.

Don't want to read? Watch instead!

Resolution

On the SonicWall Web UI

6.5 Firmware UI - go to MANAGE | Decryption Services | DPI-SSL/TLS Client
5.9/6.2 Firmware UI - go to DPI-SSL | Client SSL | Certificate
choose the appropriate DPI-SSL Certificate from the drop down menu and click on the (download) link to save the Certificate on the PC.

On the Client:

Open Firefox
Navigate to Tools | Options, click Privacy & Security and scroll down to Certificates (or in the older versions: Advanced tab and then the Certificates tab).
Click View Certificates, select the Authorities tab, and click Import.
Select the certificate file, make sure the "Trust this CA to identify websites" check box is selected, and click OK.