Comodo Help
Find the desired product help
Comodo Dome Firewall

Comodo Dome Firewall

Dome Firewall Virtual Appliance Admin Guide

English

Print Help Download Help
Configure Proxy Services > HTTP/HTTPS Proxy Server > HTTPS Proxy
  • Introduction To Comodo Dome Firewall - Virtual Appliance
    • Install Dome Firewall And Login To The Administrative Console
  • The Main Interface
  • The Dashboard
  • View And Modify System Status And General Configuration
    • Manage Admin Accounts
      • Add And Manage Administrators
      • Manage Administrative Roles
    • License Activation
    • SNMP Settings
    • Central Management
    • Configure SSH Access
    • High Availability
    • View And Update Firmware Version
    • Create And Schedule Backup Of DFW State
      • Manually Create A Backup
      • Schedule Backup Operations
      • Encrypt Backup Archives
      • Export A Backup
      • Import A Backup Archive From A Local Computer
      • Roll Back The Virtual Appliance To A Previous Time Point
      • Reset The Virtual Appliance To Factory Defaults
    • Shutdown Or Restart The Dome Firewall Virtual Appliance
  • View DFW Virtual Appliance Status
    • System Status
    • Network Status
    • System Usage Summaries
    • Network Traffic
    • Network Connections
    • SSLVPN Connections
  • Network Configuration
    • Configure Interface Devices, Uplinks And VLANs
      • Configure Interface Devices
      • Add And Manage Gateway Uplink Devices
      • Create VLANs
    • Routes
      • Add And Manage Static Routes
      • Add And Manage Policy Routing Rules
  • Configure DFW Virtual Appliance Services And Protection Settings
    • DHCP Server
    • Advanced Threat Protection
      • Manage The ATP Profiles
      • Comodo Antivirus
    • Time Server
    • Intrusion Prevention
      • Configure Intrusion Prevention System
      • Manage IPS Rulesets
      • Manage Application Identification Rulesets
    • Configure Wireless Hotspot
      • Configure Captive Portal Service
      • Customize The Login Page
      • Add And Manage Permanent Users
    • Internet Content Adaptation Protocol
    • Quality Of Service
  • Manage Firewall Configuration
    • Firewall Objects
      • Manage Firewall Address Objects
      • Manage Firewall Object Groups
      • Manage Firewall Schedules
      • Active Directory Integration
    • Destination Network Address Translation
    • Source Network Address Translation
    • Configure System Access
    • Configure Firewall Policy Rules
      • Manage Firewall Policy Rules
      • Manage VPN Firewall Rules
  • Configure Proxy Services
    • HTTP/HTTPS Proxy Server
      • Configure URL And Content Filtering
      • HTTPS Proxy
  • Configure Virtual Private Network Settings
    • SSL VPN Server
      • Configure General SSL VPN Server Settings
      • Manage SSL VPN Client Accounts
      • Configure Advanced SSL VPN Server Settings
      • Configure Clients To Connect To Dome Firewall
    • IPsec Configuration
    • Configure L2TP Server
    • Configure IPSec/L2TP Users
  • View Logs
    • Realtime Logs
    • Configure Log Settings
    • Generate Reports
  • Appendix - Minimum Requirements For Software Installations

HTTPS Proxy

 

  • The HTTPS proxy service caches requests for encrypted web-pages, applies any access control policies, and forwards them to the requesting hosts.
  • You need to install the Dome intermediate certificate on endpoints in order to analyze SSL encrypted traffic.
  • You can also specify exceptions – website categories and URLs which should not go through the proxy service.
 
To configure the service
  • Click 'Proxy' >  'HTTP/HTPPS' from the left hand side navigation
  • Click the 'HTTPS' tab.




 The interface enables the administrator to specify/create intermediate certificate for authentication.


Note: In order to use HTTPS Proxy service, it is mandatory to install an intermediate certificate both in the DFW virtual appliance and the client computers. The service can be enabled only after deploying the certificate in the DFW virtual appliance. See Certificate Settings for more details.

  • Accept every certificate - If left unselected, the DFW virtual appliance will accept only the valid SSL certificates from the remote servers. If selected, the virtual appliance will accept all the certificates from the remote servers including outdated certificates.
  • Click 'Save'. A confirmation dialog will appear.
  • Click 'Apply' for your settings to take effect.

Certificate Settings


The intermediate certificate can be deployed to the HTTPS proxy service in two ways:

  • Use an existing certificate
  • Create a new certificate

 

In either case, the same certificate needs to be installed on endpoints that will use the HTTPS proxy.


Use an existing certificate


 

If you already posses an intermediate certificate, you can upload it to the firewall and install it on client computers.


To upload an existing certificate


Prerequisite: Ensure that the intermediate certificate is locally stored in the computer from which you are accessing the administrative console of the Dome Firewall virtual appliance.


  • Click the 'Browse' button under the 'Upload proxy certificate' option, navigate to the location where the certificate is stored and click 'Open'.
  • Click 'Upload'

The certificate will be uploaded to the appliance and deployed.


Creating a New Certificate


The Dome Firewall is capable of creating a new self signed intermediate certificate with one year validity and use it for authentication.  Once a new certificate is created, the existing certificate, if any, will be replaced by the new certificate. Hence the administrator should download the certificate and install it on to the host computers in the network infrastructure that need to authenticate them to  the  HTTPS proxy service.


To create a certificate

  • Click the 'Create a new certificate' button. A confirmation dialog will be displayed.


  • Click 'OK'

A new certificate will be created and deployed in the DWF virtual appliance.

  • To download the certificate for transferring to the clients in the network, click the 'Download' link within the parenthesis beside 'Upload proxy certificate'. Transfer the certificate onto the computers in the network and install it on their Intermediate Certificate Store.


Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2023. All rights reserved.