This recipe shows how to enable SSL insepction for webfiler on HTTPS website and how to import custom certification for SSL inspection. Step 1: Create your SSL/SSH inspection profile. Step 2: Modify web fiter profile. Select proxy inspection mode and enable "Scan Encrypted Connections" Step 3: Bind the webfilter profile and SSL/SSH inspection profile on policy setting. Step 4: Verification Notes: By default, SSL/SSH inspection will use Ruijie built-in certificate, the browser will show untrust while access HTTPS website. In order to solve this, it's requested to get this certificate signed by an enterprise root Certificate Authority (CA) and import to firewall. Here are the procedures for importing certification. Optional Step 5: Generating a certificatesigning request (CSR) Go to System > Certificates >Local Certificates and select Generate. In the Generate Certificate SigningRequest page, fill out the requiredfields. You can enter a maximum offive Organization Units.You may enter Subject AlternativeNames for which the certificate isvalid. Separate the names usingcommas Notes: This CSR will need to be submitted and signed by an enterprise rootCA before it can be used. When submitting the file, ensure that the template for a Subordinate Certification Authority is used. Step 6: Import a signed servercertificate from an enterpriseroot CA Once the CSR is signed by anenterprise root CA, you can import itinto the RG-WALL unit.Go to System > Certificates >Local Certificates and click Import.From the Type drop down menu select Local Certificate and click Choose File. The CA signed certificate will now appear on the Local Certificates list. Step 7: Choose your own certificate on SSL/SSH inspection profile. |
This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.
More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.
©2000-2023 Ruijie Networks Co,Ltd