For information on why an SSL Certificate is required for SSL Inspection, see SSL Inspection
You may choose to install a certificate manually, as per this article:
- For testing purposes on an individual client
- If your network has a small number of Android devices that need SSL Filtering
- If your Android devices are not managed using an MDM solution
Note: If your network has a number of Android devices, you may prefer to deploy the certificate via your school's MDM (Mobile Device Management) solution.
Installing an SSL or TLS Certificate (as a Trusted Root Certification Authority)
1. Download the SSL or TLS certificate file from the N4L Managed Network SSL and TLS Certificates page to your Download folder.
NOTE: TLS Certificates are used for schools preparing for, or that have completed their Managed Network Upgrade (Palo Alto firewalls). SSL Certificates remain valid until migration (Fortigate firewalls).
Note: If you did not download the certificate file on the Android device that you are installing it on, you must transfer the certificate file to that device (e.g. via transfer cable or email)
This article assumes you have downloaded the certificate.
2. Navigate to Settings and select it.
3. Select Security and Privacy. (this may just be Security on your device).
4. Scroll down to and select More Security Settings.
5. Scroll down to Credential Storage, select Install from device storage.
Note: If you cannot find the Certificates section (it may be hidden), go back to the Settings page and click on the search icon and search for Certificates. Click on any Certificates link that is returned, preferably something like install certificate (any Certificate link should get you to the right location for this step).
6. Select Wi-Fi certificate.
7. Select the N4L certificate. This should be in the Downloads folder.
Note: This will be in the folder you downloaded the certificate in.
8. Select the N4L certificate. (SSL or TLS)
9. Select Done. The certificate will be installed.
Optional: Check that the Certificate is Trusted
To ensure that the installed certificate is Trusted, perform the following steps.
The exact location of the Trusted Credentials menu will depend on the version of Android your device is running.
-
Open the Settings App on the device.
-
Go to Security and search for certificates. Select User Certificates.
-
Select User Certificates again.
-
If the certificate is present in the list of User certificates, then the certificate installed correctly.
When to Perform These Steps
Installing an SSL or TLS certificate is usually required after configuring SSL or TLS Filtering for the first time, or when the certificate has expired or been re-issued.
If you are installing certificates manually on all of your Android devices, these steps will need to be performed on each new device that is to be subject to SSL and TLS Filtering.
