Hi Richard,
The SSL certificates are added at the HTTP service level, under the definitions tab.
Please see for reference:
https://docs.imperva.com/bundle/v14.2-web-application-firewall-user-guide/page/533.htm
Important things to note:
The WAF is oftentimes deployed in Bridge mode, which operates at Layer 2. In this mode, the WAF does not terminate the connection (which means it does not present the certificate to the client), unless Transparent Reverse Proxy (TRP) is in use. For more information on TRP, please see:
https://docs.imperva.com/bundle/v14.2-web-application-firewall-user-guide/page/3097.htm
TRP rules require the certificate to be defined.
The other mode of deployment is Kernel Reverse Proxy, or KRP, which operates at Layer 3. In this mode, traffic must be intentionally routed to a VIP that resides on the WAF. The certificates reside in the same place as they do for bridge mode, but are also defined in KRP routing rules.
It is important to understand how the traffic is being routed.
If traffic is currently still routed through the WAF, and it is operating in TRP or KRP mode, removing the certificate will cause the site to go down completely.
------------------------------
Jaired Anderson
Principal Consultant
Imperva
Tulsa OK
------------------------------
Original Message:
Sent: 07-01-2020 09:08
From: Richard Burton
Subject: Imperva blocking new certificate
Morning Jaired Anderson, it is the on-premises WAF.
------------------------------
Richard Burton
Lexisnexis
GA
------------------------------
Original Message:
Sent: 07-01-2020 09:01
From: Jaired Anderson
Subject: Imperva blocking new certificate
Hi Richard,
Can you confirm which product is in use? For example, is this the Cloud WAF or on-premises WAF?
Your post has the #ImpervaAgent tag, but agents are used only for Database Activity Monitoring (DAM).
Thanks.
------------------------------
Jaired Anderson
Principal Consultant
Imperva
Tulsa OK