cancel
Showing results for 
Search instead for 
Did you mean: 

Howto add new certificate authorities?

Hi all,

i am very new to MWG but i have a question howto add some new CAs to pur 7.0.2 Test Env. Right now we have some issues with some random pages with CAs from GoDaddy, VeriSign etc. The URL (for example) is: https://www.ultraedit.com/store/

cert_error.jpg

So basicly there was something like "Inspect Certificate" and "Add CA" in the old Webwasher times. The question is: How do i add CAs with i am trusting or HAVE TO trust like self signed stuff. Even if they are "untrusted"?

Message was edited by: northalpha on 1/14/11 3:02:52 AM CST
19 Replies
eelsasser
Level 15
Report Inappropriate Content
Message 2 of 20

Re: Howto add new certificate authorities?

You add new CAs to your certificate Chain list:

Capture.JPG

I have a personal, more comprehensive list of CAs that I've accumulated over the years if you want to use them.

Re: Howto add new certificate authorities?

Yes that would be very nice to have.

But overall even we are adding these CAs we get the Error messages. Something i think i made completly wrong

Highlighted

Re: Howto add new certificate authorities?

Hi,

can you give me your personal more comprehensive list of CAs? Is the CRL updated in a new version of webgateway? Or is there no update cycle and we should add missing CRLs?

Thanks for reply.

eelsasser
Level 15
Report Inappropriate Content
Message 5 of 20

Re: Howto add new certificate authorities?

Send me your email and I will attach them.

It is my own personal list of CAs that I have accumulated over the years from working with customers that have reported them to me.

I make no warranty of their validity, and please review them and remove any you don't desire.

Erik_Elsasser@McAfee.com

seebvey
Level 10
Report Inappropriate Content
Message 6 of 20

Re: Howto add new certificate authorities?

Hi,

how can i generally update the list of certificate authorities?

Is the list of CA's also updated when i do a software update?

regards

seebvey

asabban2
Level 17
Report Inappropriate Content
Message 7 of 20

Re: Howto add new certificate authorities?

At the moment the update is done with a software update. We are planning to have this a seperate, McAfee controlled process in the future.

Best,

Andre

Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 8 of 20

Re: Howto add new certificate authorities?

Hi Andre,

is it possible to import the CA Authorities from Webwasher 6?

Cheers,

Thorsten

asabban2
Level 17
Report Inappropriate Content
Message 9 of 20

Re: Howto add new certificate authorities?

Hi Thorsten,

generally yes. The 6.8.7 CAs should be the same as in 7.x. Only 6.9 has an updated list since we (finally) understood that we need to invest much more time on maintaining these lists. A direct conversion is difficult, because you need to inject a modified list into the MWG 7 and enforce the modified storage to be accepted (there is a hash that prevents manual changes).

If there is a need I can have a look at converting the 6.9 CAs to 7.

Best,

Andre

Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 10 of 20

Re: Howto add new certificate authorities?

Hi Andre,

importing one whole CA List from Webwasher would be great. There are some customers requesting a complete CA list.

Cheers,

Thorsten

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community