[SOLVED] web interface SSL

Julien · July 09, 2016, 03:59:45 PM

Hi Guys,
is it possible to create a trusted certificate with the firewall FQDN on it ?
so when the users go to the http://FQDN or https://FQDN will be secure signed.

thank you

bartjsmit · July 10, 2016, 06:30:12 PM

Yes, I use a StartSSL certificate for the FQDN. https://www.startssl.com/

Bart...

Julien · July 11, 2016, 01:30:28 AM

Thank you for your answer Jan,
the firewall is not facing the internet, and the access to the firewall is always over the LAN or VPN.
using the self sign certificate gonna be a issue for the security ?

bartjsmit · July 11, 2016, 10:56:20 AM

No security risk at all, just a hassle with having to distribute the certificate to all internal clients or having your users click through warnings - which is a bad precedent.

StartSSL will verify that you own the domain through a web page or through email (e.g. hostmaster@firewall.domain). That means that you must control a website or MX record to get the cert.

Bart...

Julien · July 12, 2016, 07:21:27 AM

thank you bart,
we know starts already using it for our exchange.
a big thank you man

[SOLVED] web interface SSL

Julien

July 09, 2016, 03:59:45 PM Last Edit: July 11, 2016, 10:58:10 AM by franco

bartjsmit

July 10, 2016, 06:30:12 PM #1

Julien

July 11, 2016, 01:30:28 AM #2

bartjsmit

July 11, 2016, 10:56:20 AM #3

Julien

July 12, 2016, 07:21:27 AM #4