This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Marvin_Castillo
Participant
‎2019-02-19 07:27 PM
Jump to solution

Using 3rd Party Certificate for HTTPS Inspection

Hi Guys,

May I ask for your help on how can we make a 3rd Party certificate to be used on HTTPS Inspection instead of the self signed?

0 Kudos
1 Solution

Accepted Solutions
Maarten_Sjouw
Champion
Champion
‎2019-02-20 04:53 AM
Jump to solution

For HTTPS inspection, you need a Certificate Authority not a certificate.

You will not be able to find a 3rd party supplier that will supply you with a CA without paying a huge amount of money as it will allow you to generate your own trusted certificates.

Regards, Maarten

View solution in original post

0 Kudos
5 Replies
abihsot__
Advisor
‎2019-02-19 11:06 PM
Jump to solution

Hi,

yes, you have an option either to create or import certificate. Just make sure:

* your certificate is trusted by clients. Otherwise you'll get warnings for every page you visit.

* you have proper certificate (it is able to issue certificates - subordinate if I correctly remember the name)

0 Kudos
Benedikt_Weissl
Advisor
‎2019-02-20 03:06 AM
Jump to solution

Hi,

edit the firewallobject -> select "HTTPS Inspection" and click on the "Import" hyperlink, then follow the wizard.
Keep the points abihsot mentioned in mind and additionally import the certificate with the full chain (root CA etc. included).

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-02-20 04:53 AM
Jump to solution

For HTTPS inspection, you need a Certificate Authority not a certificate.

You will not be able to find a 3rd party supplier that will supply you with a CA without paying a huge amount of money as it will allow you to generate your own trusted certificates.

Regards, Maarten
0 Kudos
PhoneBoy
Admin
Admin
‎2019-02-22 08:52 PM
In response to Maarten_Sjouw
Jump to solution

It's against the terms of service of all major CAS to use their certificates for HTTPS Inspection purposes.

0 Kudos
Alessandro_Marr
Advisor
‎2019-02-20 06:19 PM
Jump to solution

Use self signed certificate, it´s easy and works fine.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events