i am very new to MWG but i have a question howto add some new CAs to pur 7.0.2 Test Env. Right now we have some issues with some random pages with CAs from GoDaddy, VeriSign etc. The URL (for example) is: https://www.ultraedit.com/store/
So basicly there was something like "Inspect Certificate" and "Add CA" in the old Webwasher times. The question is: How do i add CAs with i am trusting or HAVE TO trust like self signed stuff. Even if they are "untrusted"?Message was edited by: northalpha on 1/14/11 3:02:52 AM CST
You add new CAs to your certificate Chain list:
I have a personal, more comprehensive list of CAs that I've accumulated over the years if you want to use them.
Yes that would be very nice to have.
But overall even we are adding these CAs we get the Error messages. Something i think i made completly wrong
can you give me your personal more comprehensive list of CAs? Is the CRL updated in a new version of webgateway? Or is there no update cycle and we should add missing CRLs?
Thanks for reply.
Send me your email and I will attach them.
It is my own personal list of CAs that I have accumulated over the years from working with customers that have reported them to me.
I make no warranty of their validity, and please review them and remove any you don't desire.
how can i generally update the list of certificate authorities?
Is the list of CA's also updated when i do a software update?
At the moment the update is done with a software update. We are planning to have this a seperate, McAfee controlled process in the future.
generally yes. The 6.8.7 CAs should be the same as in 7.x. Only 6.9 has an updated list since we (finally) understood that we need to invest much more time on maintaining these lists. A direct conversion is difficult, because you need to inject a modified list into the MWG 7 and enforce the modified storage to be accepted (there is a hash that prevents manual changes).
If there is a need I can have a look at converting the 6.9 CAs to 7.