HTTPS Certificate usage in Azure ApplicationGW & CheckPoint VMSS
Dear CheckMates,
Requesting suggestions on the below:
I have a CheckPoint VMSS in Azure, and below is the topology setup:
Internet == AzureApplication GW (as Layer-7 LB) === Checkpoint VMSS === Internalserver
I hosted my company website "www.abc.mycompany.com" on the internal server and need to access it from outside via the AzAppGW IP.
I have a wildcard certificate (*.mycompany.com) issued by GeoTrustRSA and am using it on the internal server.
1) In CheckPoint Object HTTPS tab - Which Certificate can I use?
(a) (Shall I import Company Wildcard certificate or Self-signed created by CheckPoint VMSS)
2) In Azure Portal of AzureApplicationGateway - in 2 places HTTPS certificate needs to be used.
b) HTTP Settings Tab = in .cer format
c) Listeners Tab = in .pfx format
3) I also want CheckPoint VMSS to do Outbound Inspection with this Wildcard Certificate
(as per sk113125 Wildcard should not be used for Outbound Inspection by CheckPoint)
(I cannot use this CheckPoint self-signed certificate onto Internal server due to some limitation)
Please correct me if I'm wrong on below:
a) Create & use Self Signed certificate on CheckPoint VMSS Object HTTPS Tab
b) In Azure AppGW - HTTP Settings Tab = in .cer format = Create a self-signed certificate of the CheckPoint VMSS and use it here. (Because for AzureApplicationGW, the backend pool is the VMSS and it needs the VMSS self-signed certificate to identify it)
c) In Azure AppGW - Listeners Tab = in .pfx format (Use Company Wildcard certificate)
(Since AppGW will be listening on HTTPS port it needs Wildcard or Server Certificate)
Regards, Prabu