The Stm150 Ca Certificate - NETGEAR STM150 Reference Manual

ProSecure Web/Email Threat Manager STM150 Reference Manual

The STM150 CA Certificate

HTTPS is a secure version of HTTP used by Web sites for handling secure transactions. When the
STM150 (with HTTPS scanning enabled) is located between the client and the server, the STM150
breaks the SSL connection into two parts.
1. Client <-> STM150
2. STM150 <-> Server
When the client makes a request, the STM150 will communicate with the server on its behalf. The
server then returns a certificate to the STM150 for authentication. Next, the STM150 will
dynamically generate and pass a certificate of its own to the client in place of the server's
certificate, which means the client will see the STM150 generated certificate rather than the one
from the server.
Due to the nature of HTTPS scanning and how the certificates are handled, the end user will see
Security Alerts in their web browser as shown in the following figure. This is because the client
(browser) will get a certificate from the STM150 instead of directly from the server.
Figure 4-13
During SSL authentication, the client authenticates three items:
• Is the certificate trusted?
• Has the certificate expired?
• Does the name on the certificate match that of the Web site?
If one of these is NOT satisfied, a security alert appears in the browser window.
If HTTPS scan is enabled, an alert message appears when a user connected to the STM150 visits
an HTTPS site. Note that this is not a bug in the STM150 – it is a result of HTTPS scanning and
4-20
v1.0, January 2009
Optimizing Scans