ESET Online Help

Search English
Select the topic

HTTPS traffic caching

ESET Bridge can decrypt and cache HTTPS traffic:

oUpdate requests (modules, repository) sent from a supported ESET security product:

Supported ESET security product (HTTPS traffic caching)

Supported product version

ESET Endpoint Antivirus/Security for Windows

10 and later

oESET LiveGuard Advanced traffic for ESET PROTECT On-Prem and the supported ESET security products listed above.


HTTPS traffic caching limitations

ESET Bridge does not support HTTPS traffic caching for ESET security products (and their versions) not listed above (earlier ESET Endpoint for Windows, Windows Server/Linux/macOS security products).

ESET PROTECT On-Prem supports HTTP/HTTPS traffic caching, but the cloud ESET PROTECT supports only HTTP traffic caching. The cloud ESET PROTECT does not support HTTPS traffic caching—the required certificates are available in ESET PROTECT On-Prem, but not in the cloud ESET PROTECT.

ESET Bridge and ESET PROTECT support HTTP traffic caching for all ESET security products.


ESET PROTECT All-in-one installer and Virtual Appliance (when ESET Bridge is enabled during the Virtual Appliance deployment) create default HTTP Proxy Usage policies for ESET Management Agent and ESET security products applied to the All Static Group. The policies automatically configure ESET Management Agents and ESET security products on managed computers to use ESET Bridge as a Proxy for caching update packages. The HTTPS traffic caching is enabled by default:

The ESET Bridge policy contains the HTTPS certificate, and the Cache HTTPS Traffic toggle is enabled.

The ESET Endpoint for Windows HTTP Proxy Usage policy contains the Certificate Authority for the HTTPS traffic caching.

If you installed ESET Bridge using a standalone installer (on Windows or Linux) or the Software Install Task, you need to configure HTTPS traffic caching via Policies:

1.Create or edit an ESET Bridge Policy with these settings:

a.Expand Cache and enable the Cache HTTPS traffic toggle.

b.Click Change certificate next to HTTPS Certificate > click Open certificate list and select ESET Bridge certificate.

2.Create or edit an ESET security product Policy. When setting Proxy Server details in Connectivity > Proxy Server, click Edit next to Certificate Authorities and add the ESET PROTECT Certification Authority. ESET security products use the Certification Authority to validate the peer certificate from the ESET Bridge Policy.


Expired ESET Bridge certificate

ESET PROTECT Web Console starts displaying an alert 30 days before the ESET Bridge certificate expires:

When the ESET Bridge certificate expires, ESET Bridge stops caching HTTPS traffic and uses a direct connection for HTTPS traffic.

To continue using the HTTPS caching, create a new ESET Bridge certificate and apply it via ESET Bridge Policy.