How can I issue certification in proxy server & web server?


#1

I want to issue certificate at proxy server & web server.
when i connect to hj.com,
hj.com -> proxy server -> web server
I am
but token for domain validation is saved at some uri
http://hj.com/.well-known/acme-challenge/blah-blah

when first connecting to proxy server configuration
I setting location like this.
location ^~ /.well-known {
access_log off;
log_not_found off;
}
so I can issue certification in proxy server.

but, when I want to issue certification in web server,
proxy server take the uri request and say that " there is no token!"

can I change uri or how can I issue two certificate for proxy server and web server?

maybe i am not good at english so you are hard to understand my question… sorry
thx.


#2

Do you want separate certificates ? or is this for a single domain name and you want to copy the same certificate to both the proxy and the web server ?


#3

uhm… I wanted separate certificates. so can I issue cert on proxy server by changing uri.
but my problem is solved. answer is simple.
when I don’t use proxy, I can issue cert on web server.
so thank you.


#4

You can use the default self-signed Proxy Authority CA certificate on the Firebox or XTM device for use with the HTTPS Proxy content inspection features. Your device re-encrypts the content it has inspected with this Proxy Authority self-signed certificate. When you use this default certificate, end users without a copy of this certificate see a warning in their web browser when they connect to a secure web site with HTTPS. To avoid these warnings, you can export the Proxy Authority certificate from the XTM device and import the certificate on your client devices.

For information on how to export the default Proxy Authority CA certificate from your device, see Export a Certificate from Your Device.

For information on how to import this certificate on your client devices, see Import a Certificate on a Client Device.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.