Virtual Secure Web Gateway

Expand all | Collapse all

SWG SSL Certificate using internal/private CA

  • 1.  SWG SSL Certificate using internal/private CA

    Posted 11-18-2019 08:59 PM

    Hi,

    I am deploying hybrid solution by having SWG virtual appliance (on premise) and WSS on the cloud. My understanding for the SWG virtual appliance will have the following certificates :-
    1 for the system admin to access to the console using https and 1 will be used for the internet traffic. 

    I am deploying 10 SWG in different location. By default, the SWG will create a self signed certificate for each of the SWG. This means will I have 10 self signed certificate to be installed in all the browser to trust the SWG. (plus the WSS cloud certificate). 

    Note I will have a SMC will certificate install. 

    My questions are
    1) Can I have the step on how to create a CSR and then sign by my private CA ?
    2) Can I have only 1 main certificate to install in the SWG (for internet traffic. not for the system admin access to the console using https). This will allow me to install 1 certificate to all browser instead of 10 certificates). If yes, how do can I do it ?

    Thank you.



  • 2.  RE: SWG SSL Certificate using internal/private CA

    Posted 11-21-2019 12:28 AM
      |   view attached

    Dear Kamal,

     

    You can create CSR on the proxy and then signed with your CA.

     

    Go to Configuration-->SSL-->Keyring-->Create Give name and then click on generate CSR.

     

     

    BR

    Aboonaim

    ----------

    If you are satisfied with an answer, please click "Accept Solution"

     

     



  • 3.  RE: SWG SSL Certificate using internal/private CA

    Posted 11-21-2019 12:48 AM

    Hi Kalam,

     

    Reefr this Kb article too.

     

    https://support.symantec.com/us/en/article.TECH244873.html