Skip to content

Block invalid SSL certificates



Connect only to sites with a valid certificate. This setting only applies to the web proxy. To configure certificate validation settings for the DPI engine, use Decryption profiles.



Certificate validation is turned on by default in Web proxy. For the DPI engine, a decryption profile must be used.

Web proxy

  1. Go to PROTECT > Web > General settings.
  2. Select Block invalid certificates under HTTPS decryption and scanning.
  3. Click Apply.

DPI engine

Go to SYSTEM > Profiles > Decyption profiles.

More resources