Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
906
Views
5
Helpful
2
Replies

Firepower 4110 ssl decryption supported certificates

praveen-dharmaraj
Level 1
Level 1

‎07-03-2018 10:13 PM - edited ‎02-21-2020 07:56 AM

Dear all ,

i am  planning to buy SSL certificate for the Firepower IPS model 4110 .

SSL certificate is for using https deep inspection .

My FMC version : 6.2.3.83 .

 

which type of certificate i have to buy , i can see lot of types in the public ca sites . please guide .

 

Thanks ,

Praveen

 

Labels:
0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎07-04-2018 01:22 AM

Hi, You cannot use any public CA to sign a certificate for SSL decryption. SSL Decryption is basically performing a MITM attack and impersonating the website's certificate, a public CA would therefore not grant such a certificate.

The certificate you require has to be issued from a local CA and the template used should be a "Subordinate Certificate Authority" template. All client computers must have the root certificate in it's certificate store in order to not receive any certificate errors.

HTH

praveen-dharmaraj
Level 1
Level 1
In response to Rob Ingram

‎07-04-2018 06:09 AM

Thank you  RJI.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card