SSL Certificate
You can use Bright Data products without the SSL certificate:
- Using Bright Data proxy API. Read more: API vs. native Access
- Get your account verified with our KYC process
The SSL certificate allows you to establish end-to-end encrypted connections when using Residential Proxies, Mobile proxies, Web Unlocker API or the SERP API in native proxy mode.
If you are just doing preliminary testing, you can also proceed without the SSL certificate and use it later.
Using the SSL certificate is straight forward. You download it, and choose how you want to use it in your environment.
Download the SSL certificate
33335. -
Right click on this link to “save as” the file to your hard drive.
-
Unzip the file and choose the certificate to use. Most users - espcially if they are new to Bright Data - should use the new SSL certificate.
Bright Data new SSL Certficate
Bright data now using an updated SSL Certificate which expires in September 2034. When using this certificate it is essential to configure your native proxy port to be 33335 which is the port serving requests secured by the new certificate.
If you use our old SSL certificate note that it is deprecated and expires in September 2026, and works towards port 22225. To ensure your smooth and secure operations use the new certificate with port 33335. Read more in: FAQ: Which port shall I use 22225 or 33335
Using the SSL certificate in your code
If you write scraping code, in most cases, you do not need to install the SSL certificate in your environment. Simply load the SSL certificate in your code. For example, for CURL:
You can refer to Bright Data sample code examples in the dashboard for exact syntax.
Installation of the SSL certificate
In some cases, for example when using some third party tools that don’t allow loading the certificate from your hard drive, you still need to install the SSL certificate on your computer.
Where do I install the certificate?
The SSL certificate needs to be installed on the host that is running the actual scraping code or application.
In most cases this is your PC but, if you use a cloud-hosted server to run your code, you need to install the SSL certificate on the server itself.
Installation instructions
This takes 2 minutes - simply follow these instructions:
-
If you didn’t do so already, Right click on this link to “save as” the file to your hard drive.
-
Double click the ca.crt file
-
Follow the Windows instructions to install the certificate.
-
Reboot your computer
-
After rebooting, you will be able to connect to Bright Data product you needed (Residential Proxy, Web Unlocker API or SERP API)
-
If you didn’t do so already, Right click on this link to “save as” the file to your hard drive.
-
Double click the ca.crt file
-
Follow the Windows instructions to install the certificate.
-
Reboot your computer
-
After rebooting, you will be able to connect to Bright Data product you needed (Residential Proxy, Web Unlocker API or SERP API)
- Once you’ve download the certificate file (see the instruction on the top of this article)
Go to Browser settings
Go to Browser settings
Go to Privacy and security and click on Security
Go to Privacy and security and click on Security
Scroll down and click on Manage certificate
Scroll down and click on Manage certificate
Go to Trusted Certification Authorities and click Import
Go to Trusted Certification Authorities and click Import
Click on Next
Click on Next
Click Browse and select the certificate you just downloaded, and click Next
Click Browse and select the certificate you just downloaded, and click Next
Select "Place all certificates in the following store" and click Next
Select "Place all certificates in the following store" and click Next
Make sure Certificate Store Selected by User is "Trusted Root Certification Authorities", and click Finish
Make sure Certificate Store Selected by User is "Trusted Root Certification Authorities", and click Finish
Click OK
Click OK
-
Type in the address bar:
about:preferences#advanced -
Under “Security” click “View Certificates”
-
Select the authorities tab, and click “Import” button below
-
Browse to the directory you downloaded the certificate file to, select the certificate file and click “Open”
-
In the popup box click the checkbox “Trust this CA to identify websites”
-
Click OK to complete the installation
-
Make sure Bright Data proxy is configured as Firefox’s proxy, and browse thru proxy to a protected website
-
Copy the downloaded certificate file
ca.crtto the/usr/local/share/ca-certificates/folder. -
Run
sudo update-ca-certificates. The output of the command should state that 1 certificate was added. -
Go to an SSL-protected website to check that everything is working as cted.
-
Double-click the downloaded certificate file. You will see the “Keychain Access” application.
-
Double-click the “luminati.io” certificate to see a popup with certificate settings.
-
Select “Always Trust” in the “When using this certificate” dropdown.
-
Close the popup enter your credentials when asked.
-
Restart your browser and go to an SSL-protected website to check that everything is working as expected.
-
Open up Safari
-
Navigate to this page and download the certificate using this link, but first read the following two items.
-
Click Install and provide your passcode
-
Click Install in the top right corner and then Done
-
Go to iPhone “Settings”
-
Go to “About”
-
Go to “Certificate Trust Settings”
-
Enable the “luminati.io” certificate
-
You can now go to an SSL-protected website in any browser installed in your system to check that everything is working as expected.
-
Download the following certificate and save it on your phone.
-
On your phone, look for the downloaded zip through ‘My files’ and extract it.
-
Go yo Settings > Security and privacy > More security settings
-
Under ‘Crednetial storage’ click ‘Install from device storage’
-
Select ‘CA certificate’ and click ‘Install anyway’
-
Enter your password
-
Select the certificate you extracted from your files and click ‘Done’
-
You can now go to an SSL-protected website in any browser installed in your system to check that everything is working as expected.
How to ignore SSL errors?
In some cases you will need to install our certificate or ignore SSL errors in order to get access to specific products or features. In case you are not interested in installing our certificate, you can ignore SSL errors. Check out the following code snippets for different programming languages, the highlighted part is what needs to be added to your code in order to ignore SSL errors.
Bright Data Proxy Manager SSL analysis
Some features require the Proxy Manager to have access to HTTPS traffic. This can be done by enabling the SSL Analyzing option on the proxy port configuration page.
Once you allow Proxy Manager to terminate the SSL you will also need to trust Bright Data Certificate Authority (CA).
Under the hood Proxy Manager will create a secure encrypted HTTPS connection with the target site, decrypt the traffic to log requests and run rules based on your settings and then pass the response back to your client in an encrypted HTTPS connection with a certificate signed by our CA certificate.