/
Installing Infoblox Root Certificate for Bypass Code
Document toolboxDocument toolbox

Installing Infoblox Root Certificate for Bypass Code

Owned by Gary Leicht
Last updated: Sept 06, 2024


Note

When Bypass Code is toggled to Enable, you will be requested to download the SSL root certificate for HTTPS redirect in your browser. The SSL root certificate can be downloaded from the Downloads page (ConfigureAdministration > Downloads > Infoblox SSL Root Certificate) or by clicking on this link. The direct link for downloading the ChromeOS SSL certiciate by clicking here. Select Download Infoblox SSL Root Certificate for all browsers other than ChromeOS. For ChromeOS, select Download ChromeOS Certificate. The default block page will be provided using an intelligent proxy.

If you use bypass codes to override content filtering and grant temporary access to restricted HTTPS sites, ensure that you install the Infoblox Root Certificate in your browser so you can eliminate excessive warning messages when you try to access any blocked websites. Infoblox Threat Defense uses an intelligent proxy to provide bypass access to the blocked content, and the proxy presents its own SSL certificate to the browser each time it tries to access any blocked HTTPS sites. If the SSL certificate is not trusted, a warning message may appear (this is the expected and correct behavior). By installing the Infoblox Root Certificate, your browser will trust the certificate provided by the proxy, which prevents the warnings when you try to access blocked HTTPS sites using bypass codes. Note that this applies only to blocked websites where a security policy was provisioned with bypass codes. Other HTTPS sites will not be affected. In addition to using the SSL root certificate for HTTPS redirect in the browser, it can also be used to show default block pages without receiving an SSL error. 

Note

When using the default redirect, the Infoblox root certificate is mandatory. otherwise you may be presented with a HSTS warning page showing different error variations (depending on the browser used). 

Download SSL root certificate: Download SSL root certificate for your browser to support HTTPs redirects (to the block page or for bypass codes support) without certificate error notifications.

Alert

Known issue: An issue has been identified where the Microsoft Edge SmartScreen feature interferes with the redirect.

Installation Procedure for Chrome-based Browsers

For Chrome-based browsers like MS Edge, the certificate needs to be installed in the Local Computer Certificates store

To install the certificate for Chrome-based browsers, complete the following steps: 

  1. Click the Start button.
  2. TypeManage computer certificates.
  3. Open the Manage computer certificates application (this may require privilege escalation, i.e. administrative access).
  4. Expand the Trusted Root Certification Authorities entry.
  5. Right click on the Certificates item.
  6. Choose All Tasks, followed by Import.
  7. Follow the steps displayed in the Certificate Import Wizard to import the certificate downloaded in Step 1.
  8. Restart all Chrome-based browsers.

Installation Procedure for Firefox Browsers

For Firefox, the certificate needs to be installed in the browser’s certificate store. 

To install the certificate for Firefox browsers, complete the following steps: 

  1. Open the Firefox Settings page.

  2. Search for certificates.

  3. Click on the View Certificates link.

  4. In the Certificate Manager opened by clicking on the link in step 3, scroll to the bottom and click the Import button.

  5. Follow the steps in the wizard; do not choose the purpose of the certificate (Trust web sites and/or Trust email addresses).

  6. Restart Firefox.