The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Manage Certificates

A root certificate is required in any circumstance where Umbrella must proxy and decrypt HTTPS traffic intended for a website. It is required for Block Pages and HTTPS Inspection. For Block Pages, if you visit a blocked domain through HTTPS, a certificate must be installed so that Umbrella presents a block page rather than a browser error. For HTTPS Inspection, if a domain is proxied, a certificate must be installed so that Umbrella can decrypt HTTPS traffic without the browser presenting an error. For identities that are configured to use a DNS policy, this must be the Cisco Umbrella root certificate. For identities that are configured to use a Web policy, this can be either the Cisco Umbrella root certificate or your own CA signed root certificate.

For procedures, see:

Certificate Installation Methods

Certificate installation can be done on a per-browser or per-machine basis. For larger deployments, you can perform an automatic installation through Group Policy (GPO). Note that the automatic installation through GPO is only supported for the Internet Explorer, Edge, or Chrome browsers on Windows systems. As such, for Firefox or Safari browsers, and for users on non-Windows operating systems, you must perform the manual installation procedure.

You can also install a certificate automatically—through Active Directory Group Policy Objects—for a group of users in Microsoft Windows Active Directory. This automatic installation of a certificate is only supported for Internet Explorer, Edge, or Chrome browsers on Windows systems. For all other browsers and systems, you must perform the manual installation procedure.


Review File Type Controls Through Reports < Manage Certificates > Install the Cisco Umbrella Root Certificate

Updated 7 months ago

Manage Certificates


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.