• Introduction To Dome Cloud Firewall
  • Login To The Dome Cloud Firewall Module
  • Get Started
• The Dashboard
• The Main Interface
• View And Modify System Status And General Configuration
  • Configure GUI Settings
  • View And Update DCF Version
  • Create And Schedule Backup Of DCF State
    • Manually Create A Backup
    • Schedule Backup Operations
    • Encrypt Backup Archives
    • Export A Backup
    • Import A Backup Archive From A Local Computer
    • Roll Back DCF Sate To A Previous Time Point
    • Reset DFS State To Factory Defaults
• View Dome Cloud Firewall Status
  • System Status
  • Network Status
  • System Usage Summaries
  • Network Traffic
  • Network Connections
  • SSLVPN Connections
• Network Configuration
• Configure ICAP Services
• Manage Firewall Configuration
  • Firewall Objects
    • Manage Firewall Address Objects
    • Manage Firewall Object Groups
    • Manage Firewall Schedules
    • Active Directory Integration
  • Source Network Address Translation
  • Configure Virtual IP For Destination Network Address Translation
  • Configure System Access
  • Configure Firewall Policy Rules
    • Manage Firewall Policy Rules
    • Manage VPN Firewall Rules
• Configure HTTPS Proxy Services
• Configure Virtual Private Network Settings
  • SSL VPN Server
    • Configure General SSL VPN Server Settings
    • Manage SSL VPN Client Accounts
    • Configure Advanced SSL VPN Server Settings
    • Configure LDAP Server Settings
    • Configure Clients To Connect To Dome Cloud Firewall
  • SSLVPN Client
  • IPSec Configuration
  • L2TP Server Configuration
  • IPsec / L2TP Users Configuration
• View Logs
  • Realtime Logs
  • Configure Log Settings
• About Comodo Security Solutions

Configure HTTPS Proxy Services

• Dome Cloud Firewall can provide a HTTPS Proxy service. The service receives requests for encrypted webpages from internal hosts, retrieves and caches the requested resources, applies any access control policies and forwards them to the requesting hosts.

• The Dome Cloud Firewall intermediate SSL certificate needs to be installed on endpoints in order to analyze SSL traffic and to authenticate themselves to the HTTPS proxy.

• Click 'Proxy' > 'HTTPS' on the left to configure the HTTPS proxy:
  

The interface allows you to enable the proxy service and upload the intermediate certificate.

• Accept every certificate - This option appears only if the HTTPS proxy service is enabled. If left unselected, DCF will only accept valid SSL certificates from remote servers. If enabled, the proxy will accept all certificates from remote servers, including outdated certificates.

• Click 'Save'. A confirmation dialog will appear.

• Click 'Apply' for your settings to take effect.

Certificate Settings

The intermediate certificate can be deployed to the HTTPS proxy service in two ways:

• Use an existing certificate

• Create a new certificate

In either case, the certificate needs be deployed to those endpoints in your network which will use the HTTPS proxy.

Using an existing certificate

If you already have an intermediate certificate you wish to use, you can upload and install it on client computers.

To upload an existing certificate

• Click the 'Choose File' button under the 'Upload proxy certificate' option, navigate to the location where the certificate is stored and click 'Open'.

• Click 'Upload'

The certificate will be uploaded to DCF and deployed.

Creating a New Certificate

DCF is capable of creating a new self signed intermediate certificate with one year validity. Any existing certificates will be replaced by the new certificate. The certificate will then need to be installed on endpoints that need to authenticate themselves to the HTTPS proxy service.

To create a certificate

• Click the 'Create a new certificate' button. A confirmation dialog will be displayed.

• Click 'OK'

• Click the 'Download' link so you can export the certificate to network endpoints.