01/05/2017 1302 views

Can you enable SSL only for the web interface on a K1000 version 7?
If not, does the Agent ignore an SSL certificate if the names don't match and still connect?

The scenario is as follows:

K1000 inside the network with internal domain name. Agents only connect when internal or on VPN.
Helpdesk exposed to the web via Web Security Firewall which authenticates use (HTTPS) and passes the session to the K1000 over HTTP. This uses a valid public domain name.

At the moment to have Helpdesk links work outside the building, we use the public domain name (HTTPS) which bounces through the firewall.
This link breaks internally as internally the K1000 is HTTP only.
My theory is if I enable SSL on the K1000 (with certificate with public domain name), when a user clicks on the Helpdesk links, it works inside or outside the building.
BUT my reading of the Admin guide is that will also cause the Agents to talk SSL.

Questions, comments, solutions?
0 Comments   [ + ] Show comments


There are no answers at this time