Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

HTTPS-Based Malware Not Detected

 

If your HTTPS-based malware is not detected by Sky ATP, the root certificate on your SRX Series device (for HTTPS forward proxy) may be invalid. This may occur when the CA profile name is not correct. It must be named policyEnforcer.

For example:

root@host# set security pki policyEnforcer ssl-inspect-ca ca-identity ssl-inspect-ca

root@host# set security pki policyEnforcer ssl-ca ca-identity ssl-ca

For more information on loading root certificates with Policy Enforcer, see Loading a Root CA.