Using SSL certificates with Access Portal

I am attempting to make an internal website hosted on one of my servers available to external clients. I have imported an SSL certificate for the firebox's external-facing domain (example1.mycompany.com). That works great. I bring up its address with no invalid cert messages. I log in, then click on the webapp icon, and it brings up example2.mycompany.com, but it says site not secure, and when clicking on the SSL cert details it is still using the cert from example1, the firebox's cert. Is there a way to force the web app to use its own cert? When I log in internally the same way, it hands off fine: the firebox uses example1 and then the internal web page uses example2.

Comments

  • For the record, what firewall model do you have and what Fireware version is it running?

    Are you using an HTTPS proxy policy or an HTTPS packet filter policy for access from the Internet to these web sites?

    With an HTTPS packet filter, the cert being seen by the web client should be from the web server.

    If you have a wildcard cert, then you could import that into the firewall and it is good for all subdomains.

    If you have multiple certs - 1 for example1. and 1 for example2. -

    "In Fireware v12.2 and higher, when you configure Domain Name rules for content inspection in the inbound HTTPS Proxy, you can choose the proxy server certificate to use for that domain"

    Thus you can have multiple web site certs imported into your firewall, and set it up to use the correct one.

    Review this:
    Protect a Private HTTPS Server
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_https_protect_private_c.html

  • It is an M370 on 12.6.3.
