This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting up an webserver on DMZ with signed cert.

I need to install a webserver on the DMZ of the firewall that only listens on standard port 80 and be accessible from the internet. I need the firewall to communicate only on secure https port 443 and use a signed certificate from an outside company such as Verisign for the connection. The firewall would translate the secure communications from the internet to the webserver on the DMZ. Is this scenario possible with Astaro V.4.0 and if so, what methods/procedures would be required to set it up?

This thread was automatically locked due to age.

Parents

0 Xman_01 over 22 years ago

Hi,

first, the cert ist made for the webserver and authenticates the webserver as "trusted". And as far I know, you have to use the certificate for the machine it has been assigned to, otherwise it will be "bad cert". (think info is somewhere in the rfc's)

So the only way to fix this,S-NAT 443 to the webserver on port 443 and keep the cert on the webserver where it belongs to.

If I'am wrong tell me please.

best regards
chris
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Xman_01 over 22 years ago

Hi,

first, the cert ist made for the webserver and authenticates the webserver as "trusted". And as far I know, you have to use the certificate for the machine it has been assigned to, otherwise it will be "bad cert". (think info is somewhere in the rfc's)

So the only way to fix this,S-NAT 443 to the webserver on port 443 and keep the cert on the webserver where it belongs to.

If I'am wrong tell me please.

best regards
chris
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data