Important note: SSL Inspector requires the root certificate of your NGFW to be installed on the workstations / browsers that would be subjected for HTTPS inspection.
For manually installing the root certificate via GPO-
For manually installing the root certificate on Mac OSX ( Yosemite ) -
For installing the root certificate on Windows using the installer-
- Navigate to Apps > SSL Inspector
- Click the Configuration tab.
- Click the "Download root certificate installer" button and run through the installation wizard.
- By default, processing of HTTPS is enabled under Configuration tab.
- Under the Rules tab, by default SSL Inspector inspects Youtube, Google, Twitter, Yahoo, Bing, Wikipedia for HTTPS traffic. Check "Inspect all traffic" to process all other HTTPS sites, but be warned that SSL inspection can be highly resource-intensive and enabling this option can cause significant performance issues. It's better to create specific rules to inspect traffic that you know you need to inspect.
- Click the power button under Status tab to turn on SSL Inspector.