[Full-disclosure] Webwasher SSL scanner

i am looking for details of the PKI for integration of webwasher ssl
scanner into an organization. they do not appear forthcoming with
details...

does the organization's root CA certify the appliance as a CA (so it
can sign the MitM certs?)

does the organization's CA have to sign each MitM cert for each
approved domain (so it cannot MitM new domains on demand?)

does it use a web UI for PKI management (import/export of certs, requests, etc)

details appreciated. a transparent SSL/TLS MitM device for an entire
organization. i love this idea...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: Certificate Renewal Issues
    ... I also wnated to ask when and where do I lengthen the key to extend the life ... Can I do this after the PKI infrastructure is in place? ... You can renew a certificate with the same private key ... >> their certs expire and they are issued new ones. ...
    (microsoft.public.windows.server.security)
  • RE: PKI
    ... How exactly are you using PKI ... new PKI for all new/renewed certs while the old PKI only to republish CRLs, ... and remote access authenticated via ... I plans to install root ca and one subordinate. ...
    (microsoft.public.windows.server.general)
  • Re: Certs in non-domain environment:
    ... you would store each other's certs in each other's store. ... Another option, if you don't already have PKI in place, is to use free certs from cacert.org and have them as the CA. ... In order to use each other's certts, would they need to manually exchange ...
    (microsoft.public.windows.server.security)
  • PKI Certificates
    ... HERE WE GO....I am setting up a PKI for some boxes and I want certs just ... for computer accounts but they are not there and when I try to publish one it ...
    (microsoft.public.windows.server.general)