Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Configuring a certificate authority
Certificate authorities (CAs) help verify the authenticity of a web application. When DataSecurity Plus’ Cloud Protection gateway server performs deep packet inspection, it decrypts and re-encrypts the HTTPS (HTTP over SSL) traffic. To do this, the gateway server generates its own SSL certificates that are sent to the endpoints. These self-generated certificates will be signed by DataSecurity Plus' own built-in CA. The certificates to be used by this CA can be customized as needed.
To add a new CA:
- Select Cloud Protection from the application drop-down menu at the top.
- Navigate to Configuration.
- In the Certificate section, select Server CA Management.
- Click + Add Certificate Authority in the top-right corner.
- Enter the following details:
- Enter a suitable Name.
- Set the industry standard of 2048 bits or greater for the KeySize.
- Select the Signature Algorithm that matches the KeySize.
- Set the expiration period for this certificate in Years and/or Months.
- Click Generate.
- Select Cloud Protection from the application drop-down menu at the top.
- Go to Configuration → Server CA Management
- Click on the download symbol next to the certificate generated. The certificate is now downloaded to your device.
Note: KeySize is the size of the key in bits, and it's required to enable TLS or SSL encryption.
Signature Algorithm: This is the hash algorithm used for signing and verifying the certificate.
The CA certificate is downloaded in the Server CA Management page by default. It has to be installed in all client devices to be trusted as the root authority.
Steps to download the generated CA certificate in all client devices:
In DataSecurity Plus:
Once downloaded, the CA certificate can be installed on individual endpoints manually or on multiple endpoints via a GPO by following the steps in this page.