Commit Error Received after Configuring SSL Decryption for Certificate Generation

Printer Friendly Page


After configuring SSL decryption, the commit fails after generating a certificate with the following error:  "Error:vys1 decryption: forward decrypt trust cert is not configured".



The commit fails because the SSL decryption requires a certificate for forward proxy.



  1. Create a self generated certificate with 'Certificate Authority' checked, as shown below:

  2. Once generated, open the certificate (Device tab > Certificate Management > Certificates) and check two options:
    Forward Trust Certificate
    Forward Untrust Certificate

  3. After clicking OK, the certificate store should look like the following:
  4. The commit should now be successful.


owner: kadak

Tags (4)

Aye. What if I want to upload a signed certificate for inbound SSL? The "Forward" boxes are always ghosted.

oi! The certificate you're trying to import needs to be a CertificateAuthority, you may need to re-create it with this attribute enabled before you try to import it