Important issues affecting your filtering service - requires your attention and action

On 23 June 2015 the Google search services moved all search results behind SSL encryption. This means that all search results are now served using 'https', with the secure padlock shown in web browsers.

Important update to Google SSL and
RM SafetyNet certificate

To find out more call us free on 0808 172 9535 or email esafety@rm.com

Please select from the options above

Managed Microsoft devices

Managed Microsoft Windows

RM SafetyNet certificate deployment script for Windows networks

Instructions

GPO script
& certificate

Standalone Microsoft devices

Microsoft Windows

Instructions for installing the certificate on individual Windows machines

Instructions

Certificate


Managed Google Chromebooks

Managed Chrome OS

Instructions for deploying the RM SafetyNet certificate on managed Chromebooks

Instructions

Certificate
(G Suite)

Standalone Google Chromebooks

Chrome OS

Instructions for installing the RM SafetyNet certificate on unmanaged Chromebooks

Instructions

Certificate

Google tablet and mobile devices

Android

Instructions for installing the RM SafetyNet certificate on Android devices

Instructions

Certificate

Managed Apple devices

Managed Apple OSX
and iOS

RM SafetyNet certificate installer for Apple networks

Instructions

Apple Remote Desktop package

Certificate
(Apple)

Standalone Apple Mac

Apple OSX

Instructions for installing the RM SafetyNet certificate on unmanaged Apple Mac

Instructions

Certificate
(Apple)

Standalone iPad and iPhone/iPod

Apple iOS

Instructions for installing the RM SafetyNet certificate on unmanaged iOS devices

Instructions

Certificate
(Apple)

Important upgrades to your filtering service

At the start of 2015, we introduced ‘SSL interception’ functionality to RM SafetyNet. This gave us the ability to successfully intercept and filter inappropriate search results after Google implemented their change to use HTTP encryption for Google searches.

Since then, major web browsers and cloud service providers have announced plans to stop allowing users to access sites that use security certificates signed using the older SHA-1 hash algorithm1 and are already starting to display security warnings for security certificates issued using the SHA-1 hash algorithm.

1 Cloudflare - SHA-1 deprecation: no browser left behind

   Microsoft - SHA-1 deprecation countdown

What will be changing?

In order to perform ‘SSL interception’, RM SafetyNet needs to decrypt, analyse, and then re-encrypt all traffic using a security certificate.

Due to the increasing reliance on computer systems and Internet use, we have decided to upgrade the certificate that we currently use, to align it with updated requirements of industry leaders.

In order to future-proof RM SafetyNet and support future changes to browser security requirements, RM ais ssuing a new trusted root certificate which uses a stronger SHA-384 hash algorithm.

What action is required from you?

In order to avoid any possibility for inappropriate content to pass by filters performing 'SSL interception', you must:

  • Deploy a new security certificate must be deployed to all computers and devices that browse via an RM SafetyNet filtered connection by the 31st January 2017. Note that it’s important you also remove the old one.
  • Alternatively, we've produced simple tools for Windows AD networks which simplify deploying the new certificate.
  • We’re providing clear instructions or Windows networks, Apple devices including iPads, Android devices and Google Chromebooks.
  • We’re providing an easy to use test web site which you can use to confirm that everything has worked and you are ready for when Google and other web browsers make the change.

We’re here to help you

We’ve set up a dedicated helpdesk for installing the new certificate. From early December the team will be calling all RM SafetyNet customers to talk you through this update.

They will make contact to find out if you need assistance with deploying the certificates. If you do, they will arrange a suitable time for an engineer to talk you through the process and answer any queries you may have. If you would like to speak to a support representative about this issue, please call 0808 1729 535.

back to top button