Hi All
I have a deployment of cloudguard on aws and the requirement is to perform HTTPs inspection on incoming IPS traffic.
There is a web server behind the cloudguard and using third party sign cert.
Here comes my question, in order to enable https inspection, we need to create/import an outbound cert. Should I just create an outbound cert and then import the third party ca for inbound traffic?
As the outbound cert we created will not be installed on the web server, will it be causing SSL error?
Or I can just import the third-party CA as outbound and inbound cert.
I remember I saw a sk regarding inbound https inspection, it mentions just create an outbound cert and then configures the policy in https inspection tab to any. Does it applied to my scenario as my deployment using third party cert.
Beside of that, how can we verify the https traffic being inspected and the IPS worked for the incoming traffic, as normally we have a aws waf to protect the perimeter.