Regarding SSL Integration with Safeline Firewall
Published 20 days ago
Published 20 days ago
Ashok Lohiya
Updated 20 days ago
0
My application is currently running with SSL enabled on the backend. I now want to add this application (website) to the Safeline firewall. However, I do not have access to the SSL certificate used by the backend application.
Is it possible to add the website to the Safeline firewall without having the SSL certificate?
Additionally, most of our client websites are also SSL-enabled, but they are not willing to share their SSL certificates. In such cases, how can we integrate those websites with the Safeline firewall while maintaining SSL functionality?
Carrie-SafeLine
Updated 20 days ago
0
Yes, you can add the site on SafeLine directly and configure the HTTPs address on the upstream server.
Ashok Lohiya
Updated 20 days ago
Thank you for the reply.
Here I have added my website, but it does not work, so how can it set up?
Ashok Lohiya
Updated 19 days ago
any update
Carrie-SafeLine
Updated 19 days ago
You need to check the SSL option for port 443, and then add the certificate
Ashok Lohiya
Updated 17 days ago
My main concern is regarding SSL. My website is currently running with SSL enabled. However, the client websites do not share their SSL certificates. In this case, is it possible to add these backend client websites to SafeLine AF without having their SSL certificates? If it is possible, could you please explain how it can be done?
Carrie-SafeLine
Updated 16 days ago
check the SSL option for port 443, and then add another SSL certificate for this application.
You can click on "Add new cert", and get a free cert directly. The free cert will be valid for 90 days.
Ashok Lohiya
Updated 6 days ago
Can I add a website to Safeline WAF without an SSL certificate? Can Safeline automatically redirect the website to HTTPS without installing an SSL certificate?
Carrie-SafeLine
Updated 6 days ago
No. A SSL cert is a must. Do you have any difficulty in getting a cert or a free one for your website?
Ashok Lohiya
Updated 6 days ago
thank you @carrie for your response.. However my main concern is we are providing waf as a service to our client using safeline waf. And main existing clients will have their domain running in https and we dont wanna add their certificate in waf. Some clients are not comfortable sharing their ssl certificate.
so my main concern is, we just wanna add the backend as: https://example.com and we dont wanna add any ssl certificate in waf. If the example.com is using its own ssl certficate then others should see their own ssl certificate. I dont wanna mannualy add clients certificate in WAF or generate the ssl cert from letsencrypt.
Basically what i am saying in we dont want our waf to be the ssl termination point.
can you explain me on this if this is possible ?
Carrie-SafeLine
Updated 6 days ago
It's impossible. If no certificate is added, those domains cannot run in HTTPS.
Carrie-SafeLine
Updated 6 days ago
If possible, you can deploy SafeLine for each of those clients in their environment who don't want to share their cert and help them configure apps on their SafeLine if they don't know how to do that.