Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
13.0.120
Athena SWG (Secure Web Gateway) {{ breadTitle }} User Manual Functions Online Activities Advanced SSL Certificate
{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","SSL Certificate")}}

SSL Certificate

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

Enable SSL Contents, and then the endpoint browser will alarm that the certificate of the HTTPS website cannot be validated. The alarm can be removed when the certificate is imported into the endpoint computer. Root certificates of previous devices only can be imported into the built-in root certificate of the Sangfor device, which supports custom certificate import.

Built-in root certificate

Choose Online Activities > Advanced > SSL Certificate to check the Built-in root certificate.

Click Download Root SSL Certificate.

Specified root certificate

Navigate to Online Activities > Advanced > SSL Certificate to select the Specified root certificate. Click the Settings button to configure the specified root certificate.

3.6.2.2.2.1 Generate a New Root Certificate

Fill in the information of the root certificate and click OK[A93].

After you return to the configuration page, Root certificate has been specified. Click Save[A94] to apply the changes on the page for further confirmation.

Click Yes[A95] and then confirm to prevent bringing troubles caused by misoperation into the endpoint.

After clicking Yes, Valid is shown on the SSL Certificate page to prompt the certificate status.

Click Download Root SSL Certificate to distribute the root certificate to the endpoint device.

3.6.2.2.2.2 Import Root Certificate with Private Key

Import a certificate file and enter a password.

After you return to the configuration page, Root certificate has been specified. Click OK[A96] to apply the changes on the page for further confirmation.

Click Save and then confirm to prevent bringing troubles caused by misoperation into the endpoint.

After clicking Yes, Valid is shown on the SSL Certificate page to prompt the certificate status.

Click Download Root SSL Certificate to distribute the root certificate to the endpoint device.

3.6.2.2.2.3 Import Root Certificate and Private Key

Import a certificate file and a private key, and enter a password:

After you return to the configuration page, Root certificate has been specified. Click OK to apply the changes on the page for further confirmation.

Click [A97]Save and then confirm to prevent bringing troubles caused by misoperation into the endpoint.

After clicking Yes, Valid is shown on the SSL Certificate page to prompt the certificate status.

Click Download Root SSL Certificate to distribute the root certificate to the endpoint device.