cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Multiple Gateways with different outbound certificate for https inspection

Hey! 

One of our customers has multiple clusters for his branch offices. In every branch, he want to use Application Control, URL Filtering and https inspection. His idea is to generate for every cluster it´s own https inspection outbound certificate. Is it possible to realize it? 

 

Cheers

Michael 

0 Kudos
3 Replies

Re: Multiple Gateways with different outbound certificate for https inspection

According to sk65123: HTTPSInspectionFAQ yes.

0 Kudos

Re: Multiple Gateways with different outbound certificate for https inspection

ok. I can not find the solution.... where is it described? 

  1. Which software blades support HTTPS Inspection?
  2. Which operating systems support HTTPS Inspection?
  3. Does HTTPS Inspection require a license? Is it a software blade?
  4. Are there legal implications to enabling HTTPS Inspection in my organization?
  5. Has Check Point cracked HTTPS? Could an attacker do this?
  6. Why do I get certificate warnings in the browser after turning on HTTPS Inspection?
  7. How can I make PCs trust the gateway's CA certificate?
  8. Does HTTPS Inspection use the Security Management server's Internal CA to issue certificates?
  9. Is there a performance impact when enabling HTTPS Inspection on the gateway?
  10. Why are Extended Validation (EV) certificates displayed as regular certificates in the browser?
  11. How are the CAs in the list of Trusted CAs chosen? Is the list updated?
  12. Does HTTPS Inspection check for CRLs? What about OCSP?
  13. Does HTTPS Inspection work on protocols other than HTTPs?
  14. Can I replace the gateway's CA with a different CA?
  15. Is it possible to perform selective inspection - just on specific sites, categories or users?
  16. Why do I sometimes get the gateway CA even for sites that are not configured to be decrypted?
  17. What information from the encrypted traffic is logged?
  18. I read in the news that someone conned the "xyz" CA to give them certificates for the "abc" web site...
  19. Which SSL/TLS versions are supported by HTTPS Inspection?
  20. Why isn't SSLv2 supported?
  21. Which ciphers are supported by SSL inspection?
  22. On which platforms/appliances is HTTPS Inspection supported?
  23. Does HTTPS Inspection support 3rd party wildcard certificates (like *.mycompany.com)?
  24. Why after enabling HTTPS Inspection some resources that use HTTPS protocol fail to connect?
  25. Is Client Certificate authentication supported by HTTPS Inspection?
0 Kudos

Re: Multiple Gateways with different outbound certificate for https inspection

8+14.

as well as

Threat Prevention Administration Guide R80.30 p.147f

0 Kudos