How to Install the Cato Certificate

To install the Cato Certificate, download it from the Cato Client download portal and add it to your device's operating system certificate store.

Note

Note: For accounts that are using the 2014 Cato certificate as the default certificate for the account, this certificate will expire on Oct 29. 2025. You need to activate the new 2024 Cato certificate, for more information, see FAQ for the New Default Cato Certificate for TLS Inspection.

Installing the Cato Certificate

You can download the Cato certificate from the Client download portal and install it on the required devices.

Cato_Certificate.png

Installing the certificate will add it to the relevant operating system store (ie. Keychain for macOS, Certificate Management for Windows)

In case you're running third party tools which requires and manages its own certificate system, you'll need to import it there as well.

Few examples with references:

  • Java SE - You will be required to push the certificate to the Java cert store as well:

    115002657409-mceclip0.png

    Or using the keytool - https://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html

  • InteliJ - https://intellij-support.jetbrains.com/hc/en-us/community/posts/206153629-How-to-add-a-SSL-root-certificate-to-IDEA-on-OS-X-?sort_by=votes

  • Git - http://stackoverflow.com/questions/9008309/how-do-i-set-git-ssl-no-verify-for-specific-repos-only

  • Firefox - https://wiki.mozilla.org/CA:AddRootToFirefox

Known Issues

  • Unable to install the certificate. Error: "Couldn't install because certificate file couldn't be read"

    • Workaround: Install a certificate from Settings/Additional Settings/Privacy/Install certificate from SD/Choose the relevant certificate

Installing Root CA Certificate to Firefox

Starting with version 120, Firefox supports the built-in certificate, for more information see the Mozilla documentation.

To manually install the Cato certificate to Firefox:

  1. From the browser options menu, click Settings.

  2. Search for Certificates and click View Certificates.

  3. In the Authorities tab, click Import.

  4. Browse to where you stored the Cato root certificate and select it and click Open.

    This should resolve any certificate issues with TLS inspection in Firefox.

Was this article helpful?

4 out of 7 found this helpful

2 comments

Date Votes
  • Comment author
    carter.terry

    You have an article about installing the certificate and show screenshot of “easy installation page” but include no link to the page?!? Really? Very unhelpful.

  • Comment author
    Yaakov Simon

    carter.terry - Good point. We updated the article and added a link to the Cato Client download portal where you can download the Cato certificate.