I can't find documentation on HTTPS inspection. What does it do actually?
Is it available in Professional?
Thanks.
What does HTTPS inspection do?
Moderator: Qbik Staff
10 posts
• Page 1 of 1
What does HTTPS inspection do?
by ahkow » Aug 20 13 7:51 pm
- ahkow
- Posts: 33
- Joined: Jun 13 07 2:27 pm
Re: What does HTTPS inspection do?
by adrien » Aug 21 13 1:39 am
Hi
HTTPS inspection is an enterprise feature.
There is a help page on it in the manual, under the WWW proxy (or hit the F1 key when you're on the SSL inspection tab in the WWW proxy). Basically it allows WinGate to gain access to the unencrypted data when surfing https sites. It does this by spoofing certificates to use back on the connection to the client based on the cert the server is using. For this reason, you need to deploy the signing certificate to client computer certificate stores to avoid browser certificate warnings - this is a standard requirement for any https inspection system.
Regards
Adrien de Croy
HTTPS inspection is an enterprise feature.
There is a help page on it in the manual, under the WWW proxy (or hit the F1 key when you're on the SSL inspection tab in the WWW proxy). Basically it allows WinGate to gain access to the unencrypted data when surfing https sites. It does this by spoofing certificates to use back on the connection to the client based on the cert the server is using. For this reason, you need to deploy the signing certificate to client computer certificate stores to avoid browser certificate warnings - this is a standard requirement for any https inspection system.
Regards
Adrien de Croy
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: What does HTTPS inspection do?
by agubaira » Jul 17 14 5:30 am
- agubaira
- Posts: 7
- Joined: Oct 19 13 10:16 am
Re: What does HTTPS inspection do?
by adrien » Jul 17 14 10:58 am
Hi
yes, it means for sites like facebook, google etc that use https, you can scan, filter and cache etc.
Regards
Adrien
yes, it means for sites like facebook, google etc that use https, you can scan, filter and cache etc.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: What does HTTPS inspection do?
by agubaira » Jul 18 14 2:28 am
I tried to activate this feature but the "signer certificate" dropdown list is empty. Can you explain a little further on how to proceed in the case of Facebook ? How do I add the signer certificate ?
Thank you
Thank you
- agubaira
- Posts: 7
- Joined: Oct 19 13 10:16 am
Re: What does HTTPS inspection do?
by adrien » Jul 18 14 4:34 am
HI
you need to generate or import a signer certificate. That is used for 2 things:
1. to sign certificates that are generated on-the-fly by WinGate when the user goes to an https site. These are the "spoofed" certificates that fool the client browser into accepting the certificate.
2. to deploy to client computers trusted root store
This is all to avoid certificate warnings, since in order to get in the middle of the https connection, WinGate needs to use its own certificate to talk to the client.
Regards
Adrien
you need to generate or import a signer certificate. That is used for 2 things:
1. to sign certificates that are generated on-the-fly by WinGate when the user goes to an https site. These are the "spoofed" certificates that fool the client browser into accepting the certificate.
2. to deploy to client computers trusted root store
This is all to avoid certificate warnings, since in order to get in the middle of the https connection, WinGate needs to use its own certificate to talk to the client.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: What does HTTPS inspection do?
by garth » Jul 23 14 7:01 am
The Docs have not guidance on how to create or what type of cert you need. (if there is, I could find it)
What type of Cert is needed for this Computer cert or Web cert or ????
Once the Cert is created, does it need to be installed anywhere other that the cert store?
Are their any step-by-step guide for this using Windows 2012 AD Certificate services?
What type of Cert is needed for this Computer cert or Web cert or ????
Once the Cert is created, does it need to be installed anywhere other that the cert store?
Are their any step-by-step guide for this using Windows 2012 AD Certificate services?
- garth
- Posts: 11
- Joined: Jul 20 14 8:58 am
Re: What does HTTPS inspection do?
by adrien » Jul 23 14 4:17 pm
HI
there are a couple of requirements.
It needs the attribute set to enable it to be used for signing other certificates.
If you generate a cert in WinGate itself, it generates the correct attributes, you could look at those as a reference.
Need also basic constraints Extension with CA:true
Adrien
there are a couple of requirements.
It needs the attribute set to enable it to be used for signing other certificates.
If you generate a cert in WinGate itself, it generates the correct attributes, you could look at those as a reference.
Need also basic constraints Extension with CA:true
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: What does HTTPS inspection do?
by garth » Jul 23 14 4:30 pm
But how do you create the cert in Wingate? There is no option on the config page to create a cert....
- garth
- Posts: 11
- Joined: Jul 20 14 8:58 am
Re: What does HTTPS inspection do?
by adrien » Jul 23 14 5:30 pm
in the tasks panel when you're in the certificates pane, click "Add Certificate".
Regards
Adrien
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
10 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 16 guests