You see the following error when updating Blue Coat WebFilter (BCWF) using the default URL that uses HTTPS. If you use HTTP, you do not see this error.
Download log: Blue Coat download at: 2011/04/11 18:11:53 +0000 Downloading from https://list.bluecoat.com/bcwf/activity/download/bcwf.db Requesting differential update Fetching: https://list.bluecoat.com/bcwf/activity/download/bcwf.db?installed_version=311010300 ERROR: Server certificate signed by unknown CA Requesting full database Fetching: https://list.bluecoat.com/bcwf/activity/download/bcwf.db ERROR: Server certificate signed by unknown CA Download failed
Install the missing CA Certificate and restart the database download:
Download the certificate entrust_2048_ca.cer. (It is attached to this article.)
Import the certificate into the ProxySG appliance CA Certificates (Configuration > SSL > CA Certificates) and give it the name" entrust_2048_ca".
Add the certificate to the browser-trusted list (CA Certificate Lists > Browser-trusted).
Apply the configuration changes.
Restart the download of the BCWF database and view the download status to make sure that the download is working properly.
Make sure that the CCL for the default 'Device Profiles' is 'browser-trusted' (
Configuration > SSL > Device Profiles).