Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 6276 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

virtual webserver using TLS/SSL and with multiple vhosts

rE3RUste
Hello,

I have been able to set up SOPHOS UTM 9 to work with a small webserver on port 80. For doing this I followed the following tutorial:

https://www.howtoforge.com/how-to-protect-your-web-server-with-sophos-utm

and 

http://www.sophos.com/en-us/support/knowledgebase/120388.aspx

I am now trying to set allow my apache vhosts to be exposed onto the internet however I have a few questions I wanted to ask you first:

When adding a new virtual webserver (for port 443) should I pick "Type Encrypted"? If I do so then why do I need to select a certificate there? I already generated a self signed cirtificate on my server so why do I need one there too? If that is the case then I would have a certificate for multiple different domains? 

How can I make this work with apache vhosts? 

If anyone has got this to work please let me know.
Thank you
George


This thread was automatically locked due to age.
Parents
  • 0
    1. Internet->HTTPS->UTM->HTTPS->server, Internet->HTTPS->UTM->HTTP->server and Internet->HTTP->UTM->HTTPS->server all are possible.  The advantage of the second one is that there's no SSL processing load on the web server and only a single Real Server on port 80 can be used.
    2. Yes, if you make the choice to only use UTM->HTTP->server.
    3. Virtual HTTPS servers each have to have a certificate, and it's from the cert that the Virtual server knows what traffic to handle.
    4. Unless you're currently doing authentication of incoming clients on the web server, this is not relevant.  If you are, please start another thread with that issue.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    1. Internet->HTTPS->UTM->HTTPS->server, Internet->HTTPS->UTM->HTTP->server and Internet->HTTP->UTM->HTTPS->server all are possible.  The advantage of the second one is that there's no SSL processing load on the web server and only a single Real Server on port 80 can be used.
    2. Yes, if you make the choice to only use UTM->HTTP->server.
    3. Virtual HTTPS servers each have to have a certificate, and it's from the cert that the Virtual server knows what traffic to handle.
    4. Unless you're currently doing authentication of incoming clients on the web server, this is not relevant.  If you are, please start another thread with that issue.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML