💬 FAQ
Why appears "Certificate Error...

Install the CA to avoid certificate errors

5min

When you try to open an Https blocked website for security policies, a browser certificate warning message appears. To avoid this issue you can install our Certification Authority (CA) on your devices.

It's possible to perform a manual installation or a massive deployment under Microsoft Active Directory Server.

1. MANUAL INSTALLATION

Logon with an administrative account on the device. download the Certification Authority on the Desktop. Unzip the WebFilter.zip file and right-click on the extracted WebFilter.crt file. Click [Install certificate] from the menu. Choose to install the certificate for Local Machine and press [Next] to continue.



Document image


Choose Place all certificates in the following store and then click on the [Browse...] button.



Document image


Highlight Trusted Root Certification Authorities and then confirm with [OK]. Finally, click [Finish] to complete the CA installation. N.B If it does not work on mozilla firefox, please refer to the following guide.

2. INSTALLATION USING ACTIVE DIRECTORY GPO

Certification Authority using the Group Policy in a Microsoft Active Directory environment. NOTE: In the following guide we'll explain how to create the policy with Microsoft Windows Server 2012 but the steps are silimar also with the other versions of Windows. Log into your Active Directory Server, using an administrative account and download the Certification Authority on the Desktop. Unzip the WebFilter.zip file and right click on the extracted WebFilter.crt file. Open the group policy management console by running gpmc.msc command.



Document image


Choose your domain, right click and select Create a GPO in this domain and link it here.



Document image


Type a name for your GPO and click [OK] to create it.



Document image


Righ click on the policy you've just created and then select [Edit]. In the new window navigate to Computer Configuration->Policies->Windows Settings->Security Settings->Public Key Policies.



Document image


Right click on the Trusted Root Certification Authorities entry and click [Import].



Document image


Click [Next] and then click [Browse...] to choose our Certification Authority.



Document image


Select the extracted certificate, called WebFilter.crt, you saved before on your Desktop and click [Open]. Click [Next] to proceed. Choose Place all certificates in the following store and then click on the [Browse...] button. Highlight Trusted Root Certification Authorities and then confirm with [OK]. Then confirm with [Next]. Finally, click [Finish] to complete the procedure.



Document image


Navigate to Computer configuration->Policies->Administrative Templates Policy definitions->Windows Components->Windows Update. Double click Allow signed content from intranet Microsoft update service location.



Document image


Next select [Enabled]. Click [OK] to confirm.



Document image


The new group policy will be updated, on your internal devices, based on the refresh interval time. The standard interval is 90 minutes. NOTE: You can use the gpupdate /force command to immediately load the policy on your PC.