[7.921][FEATURE][CLOSED] WAF does not validate internal certificate

I don't know if this is a bug or a missing feature but in my opinion it is necessary for security reason.

When I publish an internal HTTPS site with WAF it doesn't check if the internal certificate is valid and issued by a trusted CA. My internal web server uses a certificate issued by my internal Microsoft Enterprise CA. This CA is not know to the Astaro box but I can publish the website without any problem.

In my opinion this should work like the Web Security HTTPS Proxy. I should have to import my internal CA certificate so that WAF can build a "chain of trust" (or how want to call it). If the internal certificate can not be validated there should be no access to the internal webserver.

Greetings,
TPok

Parents

0 Astaro Beta Bot over 15 years ago

Astaro Beta Report
--------------------------------
Version: 7.921
Type: FEATURE
State: CLOSED
Reporter: TPok+
Contributor: 
MantisID: 
Target version: 
Fixed in version: 
--------------------------------

Reply

0 Astaro Beta Bot over 15 years ago

Astaro Beta Report
--------------------------------
Version: 7.921
Type: FEATURE
State: CLOSED
Reporter: TPok+
Contributor: 
MantisID: 
Target version: 
Fixed in version: 
--------------------------------

Children

No Data

[7.921][FEATURE][CLOSED] WAF does not validate internal certificate

Submitted a Tech Support Case lately from the Support Portal?