Virtual Secure Web Gateway

Hi All,

I have enabled SSL deep inspection on Symantec Web Gateway, everything worked fine as expected when using the default SWG certificate and SWG certificates were pushed to browsers.

Currently are using certificate signed by our internal CA server and uploaded the certificate and keys in PEM format.

Post which end users are seeing certificate error, Since the certificate was generated from root CA browser should accept the certificate instead giving error.

The SWG server certficate templete used to generate certificate for SWG and facing the issue

What template from MS console should be selected for SWG requirement. There is a long list of available template. Kindly suggest which one to be used?

As per the below link its mentioned to generate SSL certificate through MS PKI service using Subordinate Certificate Authority template.

http://www.symantec.com/connect/forums/swg-ssl-certificate

Could some one help us in this regard

There is no way that we know of that will work correctly. Many customers have tried this and the SWG is not able to use SSL certificates generated by their internal CAs. You need to import the SWG cert into your clients through a GPO or use a public CA signed certificate.