The HTTPS Console provides secure access to the Management Console through the HTTPS protocol on Edge SWG (ProxySG)

This article explains how to set up a certificate for the HTTPS console as well as troubleshooting Certificate errors that appear in the browser when connecting to the Management console.

This error may occur when the keyring used for the HTTPS console service is corrupted or expired. It can also be experienced if the certificate in question has not been downloaded and installed at the browser level.

1. Viewing available keyrings

• The Edge SWG (ProxySG) appliance ships with a default keyring that can be reused with each secure console that you create. You can also create your own keyrings.
• To view the list of Key rings in the appliance, and their expiration status navigate to "Configuration > SSL > Keyrings"

2. Open HTTPS-console settings.

• Navigate to Configuration > Services > Management Services > Select the HTTPS-console Service, click Edit.

3. Set the keyring to be used for HTTPS-console.

• In the Keyring field , click on the down arrow to select the chosen keyring.
• Click OK
• Click Apply

4. Download the respective certificate to your local workstation

• Navigate to Statistics > Advanced > SSL > Click on the first option Download a certificate as CA Certificate
• Note: You can also access this directly via the following advanced URL: https://x.x.x.x:8082/SSL/Download_ca
  • Be sure to enter the Edge SWG (ProxySG) IP in the place of x.x.x.x
• Click on the Keyring you wish to download.

5. Save certificate to the Browser.

• The certificate needs to be imported to the Trusted Root Certificates Authorities in the browser certificate list or locally via the target workstation(s).
• For instructions on importing certificates refer to Article ID: 218763.

6. After restarting the browser/user-agent and accessing the proxy via the https-console (https://proxyIPaddr:8082/), the certificate error should not appear again.