What are those PEMs and DERs files?

The installation folder of Web Safety contains several PEM and DER files. These can be misleading sometimes. This article tries to explain what those file mean.

  • The myca.pem is a self signed root certification authority self contained file that proxy process uses to mimic the certificates of the HTTPS decrypted sites. The myca.der is its corresponding certificate in the DER format that needs to be installed in the browser in order to establish a trust to the proxy.
  • The gui.rsa is a private key the Apache/UI will use to self sign HTTPS access to itself. The gui.pem is the certificate chain corresponding to that private key that Apache/UI will send to connecting browsers to establish HTTPS.
  • Finally the license.pem is also a time based certificate that is used in ICAP web filtering daemon as a licensing scheme.

Those three have nothing to do with each other.