Help

Pushing a Barracuda SSL Certificate out

Allen_Cotton
New Contributor II

Posted on ‎01-02-2017 11:57 AM

Hello everyone! I have a Barracuda Web Security Gateway 610 and need to turn on SSL Inspection and HTTPS filtering. To have those items function properly I need to get the Cuda certificate to each machine and installed for Safari and Firefox. What is the best way to accomplish this?
Thanks in advance!
Allen

0 Kudos
3 REPLIES 3

thoule
Valued Contributor II

Posted on ‎01-03-2017 10:50 AM

Safari will use the system keychain so you'll need to copy the cert to a directory on the client computer and use /usr/bin/security to import the certificate. security -v add-trusted-cert -d -r trustRoot -u 0 -k /Library/Keychains/System.keychain /tmp/mycert.pem or 'trustAsRoot' if it's not a root certificate you are deploying.

Firefox uses its own certificate keystore so you'll have to google that separately (I don't have that handy). If you use CCK, you can incorporate the certificate there and then apply to firefox.

0 Kudos

blackholemac
Valued Contributor III

Posted on ‎01-05-2017 08:52 AM

I had to do that with our Lightspeed...if you are using Firefox CCK2 is the way to go. As for the operating system itself I used a Casper policy to get the cert out, so it would continue to work even if the MDM profile is removed

0 Kudos

bentoms
Release Candidate Programs Tester

Posted on ‎01-08-2017 01:20 AM

For macOS, Safari & Chrome etc.. I'd deploy the certificate via a profile. No need for scripting shenanigans.

For Firefox, it's CCK2 as per what @blackholemac said.

0 Kudos