This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL/TLS Offload

If the virtual webserver uses https, and the real webserver http, the WAF offloads the SSL/TLS. But what happpens if you configure the real webserver with https as well? Does the WAF just act as a passthrough, sending everything to the real webserver, or does it still offload by decrypting the initial data between client and UTM and then re-encrypt between UTM and real webserver?

This thread was automatically locked due to age.

Parents

0 InformaticaOostkamp over 8 years ago

Let's say we have real webserver with an internally issued certificate for app.domain.com, and we also have a public certificate for app.domain.com installed on the WAF for external clients. The internal cert doesn't need to be added to the WAF?
Cancel
Vote Up 0 Vote Down

Cancel
0 vilic over 8 years ago in reply to InformaticaOostkamp

Let's say we have real webserver with an internally issued certificate for app.domain.com, and we also have a public certificate for app.domain.com installed on the WAF for external clients. The internal cert doesn't need to be added to the WAF?

Why don't you just import the certificate issued from public CA on internal web site also (since FQDN app.domain.com is the same both for internal and external clients) ?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 vilic over 8 years ago in reply to InformaticaOostkamp

Let's say we have real webserver with an internally issued certificate for app.domain.com, and we also have a public certificate for app.domain.com installed on the WAF for external clients. The internal cert doesn't need to be added to the WAF?

Why don't you just import the certificate issued from public CA on internal web site also (since FQDN app.domain.com is the same both for internal and external clients) ?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data