If TLS Inspection is enabled, AND a URL filtering block or warning page needs to be displayed for an HTTPS session, you must install the Cato Networks CA certificate on every client host (laptops, PCs, smartphones, tablets, etc.) as a Trusted Root CA.
In the Digital Certificate screen, you can download the Cato Networks' CA certificate for automated distribution (such as Group Policy Objects) or for manual distribution.
Note:
You can also download the Cato Networks CA certificate from the Client download portal.
To download the Cato CA certificate:
From the navigation menu, click Security > Certificate Management.
Click the link to download the certificate (Download PEM or Download DER) and save it to the required location.