Exporting an HTTPS Scanning Certificate

A created or imported certificate can be exported from GFI WebMonitor in the following file formats:

File format Description
Personal Information Exchange file formatA certificate file format that contains the certificate data and its public and private keys. (.pfx) Contains the certificate data and its public and private keys. Required by GFI WebMonitor proxy to re-encrypt inspected HTTPSHypertext Transfer Protocol over Secure Socket Layer (SSL). traffic. Ideal for backing up the certificate and its keys.
Certificate file format (.cer) Contains the certificate data but not its private key. Ideal for deploying the certificate as a trusted certificate to the client computer.


Keep the private key of the certificate safe to avoid unauthorized generation of trusted certificates.

To export an existing certificate:

  1. Go to Settings > Core Settings > HTTPS Scanning.

Export certificate options

  1. In the Current Certificate area, click Export as .cer or Export as .pfx as required.

By default the exported certificates are saved on the download folder.


It is recommended that when the certificate is not issued by a trusted Certificate Authority, it is exported from GFI WebMonitor and deployed to the client computers as a trusted certificate. For more information on how to deploy a certificate to client computers, refer to: http://go.gfi.com/?pageid=WebMon_HTTPSInspectionCertificate