Use the certificate on the Exchange 2016 server. HTTPS Proxy Action
Hi
I have configured a HTTPS Proxy Action that sends necessary request to the Microsoft Exchange server. But I have a problem with the certificate. I like to use the certificate that is installed on the Exchange server not the certificate installed on the Firebox.
How can I make a past through of the server certificate using HTTPS Proxy Action?
//marsk
0
Sign In to comment.
Comments
You can import your web server cert info your firewall.
See Gregg's post, here:
https://community.watchguard.com/watchguard-community/discussion/comment/2096#Comment_2096
Yes I know.
But is there no possibility to make a past through and use the exchange server for ssl?
//marsk
Not when using Inspect on your incoming HTTPS proxy.
When using Inspect, the session is remote web client -> firewall, not remote web client -> your web server
And for the firebox to see the URL inspection has to be enabelt?
//marsk
For HTTPS, yes
Is it the same with domain proxy, mail.volvo.com and remote.volvo.com. Can I have the certificate on the webserver in this case?
domain proxy ?
Your web server should be able to host multiple web sites.
If it does, you would not need to do Inspect on the HTTPS proxy unless you have some other reason to do so.
OK, tanks
I will try to get a second public IP over a VPN service, so I can have one address dedicated for mail.
//marsk
You can have incoming SMTP and HTTPS using a single public IP addr.
Yes
But not to different servers there I can’t detect a pattern in the URL.
And I can’t find any good article how to handle certificates in the firebox.
Since Gregg's post doesn't help you, open a support incident to get help from a WG rep on getting the cert copied over to your firewall.
Hello Marsk,
Check out below and let us know what's missing..
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/certificates_intro_c.html
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_https_protect_private_c.html