SonicOS 7.0 DPI-SSL
- SonicOS 7.0
- About DPI-SSL
- DPI-SSL/TLS Client
- Deploying the DPI-SSL/TLS Client
- Applying DPI-SSL/TLS Client
- Viewing DPI-SSL Status
- DPI-SSL/TLS Server
- SonicWall Support
Selecting the Re-Signing Certificate Authority
The re-signing certificate replaces the original certificate signing authority only if that authority certificate is trusted by the firewall. If the authority is not trusted, then the certificate is self-signed. To avoid certificate errors, choose a certificate that is trusted by devices protected by DPI-SSL.
For information about requesting/creating a DPI SSL Certificate Authority (CA) certificate, see the Knowledge Base article, How to request/create DPI-SSL Certificate Authority (CA) certificates for the purpose of DPI-SSL certificate resigning (SW14090).
To select a re-signing certificate
- Navigate to the POLICY | DPI-SSL > Client SSL page.
-
Click Certificate.
-
Select the certificate to use from the Certificate drop-down menu. By default, DPI-SSL uses the Default SonicWall DPI-SSL CA certificate to re-sign traffic that has been inspected.
If the certificate you want is not listed, you can import it from the DEVICE | Settings > Certificates page.
-
To download the selected certificate to the firewall, click the (download) link. The Opening filename dialog appears.
To view available certificates, click on the (Manage Certificates) link to display the DEVICE | Settings > Certificates page.
-
Ensure the Save File radio button is selected.
-
Click OK.
-
The file is downloaded.
-
Click Accept.
Was This Article Helpful?
Help us to improve our support portal