HTTPS-Based Malware Not Detected
If your HTTPS-based malware is not detected by Juniper ATP Cloud, the root certificate on your SRX Series device (for HTTPS forward proxy) may be invalid. This may occur when the CA profile name is not correct. It must be named policyEnforcer.
For example:
root@host# set security pki policyEnforcer ssl-inspect-ca
ca-identity ssl-inspect-ca
root@host# set security
pki policyEnforcer ssl-ca ca-identity ssl-ca
For more information on loading root certificates with Policy Enforcer, see Loading a Root CA.