Public access is only possible through IP direct connection
-
I a a bit confused by the fact that it I connect to my firewall through its name : https://myfirewall.mylittlecompany.com …. the Certificate is now correctly installed but I can only connect to my firewall public interface through its IP address (to prevent DNS Rebind attack).
Now I could create a certificate with alternative names but that seems to be not possible with CACert certificates.
So, What is the point of creating a specific certificate if the firewall expects us to connect to the IP directly (I could "of course" buy a Certificate for that IP).Thanks for explaining me the point ?
\T,
-
That makes it fail the DNS rebinding and/or HTTP REFERER checks, where the hostname you're using isn't the hostname configured on the system. Either change it under System>General Setup, or add an alternate hostname under System>Advanced.