This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS website

Hello everyone,

We are going to publish a HTTPS website through Cyberoam UTM. As you know, we always create a new Virtual Host for publishing a new service for internet users. But in this scenario, we have encryption considerations. In such scenarios, we need to generate a CSR and install issued certificate. The question is that, where to generate CSR and install certificate? Cyberoam or Server? 

For the clarification: I've read if we are going to use WAF, we are supposed to generate CSR and install certificate on Cyberoam (Everything would be done on UTM). But if we use Virtual Host (Port Forwarding), everything (CSR and installation) must be done on Server. 

 

Am I right? or...



This thread was automatically locked due to age.
Parents Reply Children
  • Dear  , 

    I know how to generate CSR and Import certificates. The question is: When we must generate CSR and install certificates on firewalls?

  • Hi  

    When SSL content inspection for HTTPS traffic is enabled on Cyberoam, the web browsers prompt a warning message if the Certificate Authority (CA) for the certificate used by the Cyberoam SSL inspection is not known by the browser.  For this, you need to import the Cyberoam SSL Proxy certificate in Internet Explorer and Firefox Mozilla for decryption on SSL Inspection. 

    All Cyberoam appliances are shipped with a unique SSL CA Certificate which is used in HTTPS Deep Scan Inspection. This article describes how you can download Cyberoam's SSL CA Certificate and install it in your local browser and machine.

    https://community.sophos.com/kb/en-us/130801

    In public key infrastructure (PKI) systems, a Certificate Signing Request (also CSR or certification request) is a message sent from an applicant to a Certificate Authority (CA) in order to apply for a digital identity certificate.

    If you are using a third-party CA, Cyberoam allows you to generate a CSR to obtain a signed certificate. The CA verifies the details and issues a signed certificate to the applicant which can then be used for authentication.

    https://community.sophos.com/kb/en-us/130669

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link