Create a certificate authority (CA) for Forcepoint Endpoint Context Agent (ECA)
- Article Number: 000014099
- Products: NGFW ECA Client for Windows, Next Generation Firewall (NGFW)
- Version: All versions, 6.4, 6.3, 1.3, 1.2, 1.1
- Last Published Date: September 14, 2018
The Forcepoint Endpoint Context Agent (ECA) configuration requires an external Certificate Authority (CA) to sign the endpoint certificates. Certificates signed by the CA are used to secure communication between the NGFW Engine and the endpoint clients.
The fastest and most convenient way is to use an existing CA that has already been used to sign and enroll certificates on the endpoints. If the endpoints do not yet have certificates, you can create a CA and a policy to enroll the new certificates. Import the CA to the SMC as a Trusted Certificate Authority element. For information about creating the Trusted Certificate Authority element, see the Forcepoint Next Generation Firewall Product Guide.