HTTPS (HTTP over TLS/SSL)

Bek

Hello everyone. To fulfill this requirement, what settings do I need to make, please provide links to the documentation.

****Many HTTP servers use BASIC as their primary mechanism for user authentication. This is a very simple scheme that uses base 64 to
encode the cleartext user id and password. If a malicious user is in a position to monitor HTTP traffic, user ids and passwords can be
stolen by decoding the base64 authentication data. To secure the authentication process, use HTTPS (HTTP over TLS/SSL)
connections to transmit the authentication data.****

Bruce_Briggs

There are no settings in Fireware to convert or redirect a HTTP connection to a HTTPS connection.

And, the destination needs to support HTTPS. While most do now, some sites still do not.

james.carson

Hi @Bek

The closest thing we'd have to this is the reverse proxy in the Access Portal, which requires signing into a portal on the firewall and accessing the page via that.

The actual BASIC auth, and everything that the server is doing really needs to be modified on that server. If the firewall is modifying the connection (in the event that it could) the traffic is still being encoded the old way between the firebox and the server.