Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
924
Views
0
Helpful
3
Replies

using WSA generated CSR to get sign via Public CA (GoDaddy) for HTTPS Decryption ?

Go to solution
hashimwajid1
Level 3
Level 3

‎05-30-2019 04:59 PM

Hi Team,

 

can we use WSA own self generated CSR to get sign via Public CA (GoDaddy) and use it for all Users/Contractors/Mobile devices ?

we dont have any Internal CA and want decryption for all Users Domain/Guest 

 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎05-30-2019 11:27 PM

Hi,
No, that is not possible. When doing HTTPS/SSL Decryption, the certificate used must be a "Subordinate CA" type certificate. This certificate isn't your typical certificate and a public CA like GoDaddy isn't going to issue one.

HTH

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎05-30-2019 11:27 PM

Hi,
No, that is not possible. When doing HTTPS/SSL Decryption, the certificate used must be a "Subordinate CA" type certificate. This certificate isn't your typical certificate and a public CA like GoDaddy isn't going to issue one.

HTH
0 Helpful

Go to solution
hashimwajid1
Level 3
Level 3
In response to Rob Ingram

‎06-01-2019 03:27 AM

Hi RJI,

 

thanks for the comments

 

then how can we achieve Decryption for Guest/Contractor without getting any certificate error. we want all Guest/Contractor traffic via Proxy only.

 

Thanks 

0 Helpful

Go to solution
Ken Stieers
VIP
VIP
In response to hashimwajid1

‎06-01-2019 06:01 AM

You have to make the cert available for them to install or not decrypt their traffic.


0 Helpful
Customers Also Viewed These Support Documents