cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

Hi Guys,

May I ask for your help on how can we make a 3rd Party certificate to be used on HTTPS Inspection instead of the self signed?

0 Kudos
1 Solution

Accepted Solutions

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

For HTTPS inspection, you need a Certificate Authority not a certificate.

You will not be able to find a 3rd party supplier that will supply you with a CA without paying a huge amount of money as it will allow you to generate your own trusted certificates.

Regards, Maarten
0 Kudos
5 Replies
Highlighted
abihsot__
Nickel

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

Hi,

yes, you have an option either to create or import certificate. Just make sure:

* your certificate is trusted by clients. Otherwise you'll get warnings for every page you visit.

* you have proper certificate (it is able to issue certificates - subordinate if I correctly remember the name)

0 Kudos

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

Hi,

edit the firewallobject -> select "HTTPS Inspection" and click on the "Import" hyperlink, then follow the wizard.
Keep the points abihsot mentioned in mind and additionally import the certificate with the full chain (root CA etc. included).

0 Kudos

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

For HTTPS inspection, you need a Certificate Authority not a certificate.

You will not be able to find a 3rd party supplier that will supply you with a CA without paying a huge amount of money as it will allow you to generate your own trusted certificates.

Regards, Maarten
0 Kudos
Admin
Admin

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

It's against the terms of service of all major CAS to use their certificates for HTTPS Inspection purposes.

0 Kudos

Re: Using 3rd Party Certificate for HTTPS Inspection

Jump to solution

Use self signed certificate, it´s easy and works fine.

0 Kudos