Jump to content



SSL Web Application Firewall

This topic has been archived. This means that you cannot reply to this topic.
No replies to this topic

#1 Johnny Flanagan

Johnny Flanagan
  • Members
  • 1 posts

Posted 20 February 2014 - 12:52 PM

I've perused the documentation, and I've got a question about adding SSL to an existing HTTP Service, which consists of two load balanced IIS servers that I've already installed SSL certs on. Our entire site isn't going to be encrypted, just certain portions. Should I add a separate HTTPS service for that domain, or should I just enable SSL for the existing HTTP service? Is it appropriate/possible to just ask the WAF to pass through requests to the servers and let them handle authentication, or do I need to export/install the server certs onto the WAF? The documentation is clear on the different processes, but not exactly clear on the circumstances/motivation behind each option.