How do I add a SSL certificate in the Capture Client?
03/26/2020 13 8655
This KB article describes the process of adding a SSL Certificate on the Capture Client and pushing the certificate onto a particular Client Policy.
Capture Client has the option to add a SSL Certificates and enforce that certificate onto the Client Policy.
Sonicwall DPI SSL Certificate is installed by default with the Capture Client. However, the client also gives us the option to manually add a certificate.
Steps to add a certificate manually:
- Log into Capture Client Portal with your MysonicWall account credentials.
- Navigate to Configure > SSL Certificates
- Click on the Actions Tab and select Upload option.
- Browse to the location where the certificate is stored and click on Upload when selection is completed.
- Under the SSL Certificates, the added certificate should be visible and it would not be used by any policies yet.
- In order to add the certificate to the designated certificate policy, navigate to Security Policies > Trusted Certificates
TIP: To create Trusted Certificate Policy, check the following KB article: How do I configure Client Policies?
- Click the edit option for the selected certificate policy.
- Navigate to the SSL Certificates Tab.
- Click the Actions option and select Add.
- After selecting the Add option, the following screen would be shown to add the newly imported certificate.
- Select the new certificate that was imported on the Capture Client. The Trusted Certificate Policy would show the designated certificate.
- In order to link the created Certificate Policy to the appropriate Client Policy, navigate to Security Policies > Capture Client.
- Click the Edit option for the approriate Client Policy.
- Navigate to the Agent Policies tab.
- The Trusted Certificate column should be pointed to the designated Certificate Policy that has been created in the previous steps.
How to test:
- Firstly, navigate to Configure > SSL Certificates.
- Find the newly imported certificate and confirm if the Used column is pointing to the appropriate Certificate policy.
- Check the Endpoint client and you should see the new certificate that was applied to the Client policy.
- If you still see the old certificate, update the policy by right clicking the Capture Client icon on the system tray and select Update Policy.