we are trying to do Https inspection on firewall , created CSR from firewall and got signed from 3rd party root CA.
but still https logs shows that client doent have root ca installed.
In client browser the 3rd party root ca is already there in trusted root ca .
do we need to import the certificate on client ?
as per my understanding if the CSR is signed from 3rd party trusted root CA then there is no need to import the certificate on client as the client already have the root ca in browser store.