We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
Accept
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda WAF-as-a-Service
Overview Documentation Training Materials

Endpoints

  • Last updated on

Barracuda WAF-as-a-Service accepts traffic for your application through Endpoints. An endpoint is a combination of an IP address and a TCP port. One application may have multiple endpoints. Each application must have at least one endpoint.

You might want an application to accept traffic on a number of endpoints in the following situations:

  • to accept both HTTP (port 80) and HTTPS (port 443) traffic.
  • to accept traffic on a non-standard port, for example, port 8000 for HTTP traffic.

HTTPS Endpoints and SSL Certificates

When you configure an endpoint to use the HTTPS protocol, traffic between your users and Barracuda WAF-as-a-Service is encrypted with the SSL protocol. This requires WAF-as-a-Service to have an SSL certificate. By default, Barracuda uses the Let’s Encrypt certificate authority to retrieve SSL certificates for your application. For security purposes, Let’s Encrypt will only issue certificates once the following two conditions are met:

  1. You have modified the DNS records for all of your domains to point to the Barracuda-allocated endpoint address. Refer to Getting Started for information on how to modify the DNS records.
  2. You have an HTTP Endpoint on port 80. If you require different HTTP ports, you can add them as additional endpoints, but maintain the port 80 endpoint in addition.

 

Note that if you change only some of your records, but not others, Barracuda will not be able to obtain a certificate for your endpoint. Users will see a certificate warning when they visit your application. To avoid this issue, be sure to change all DNS records associated with an endpoint at the same time.

 

 

Last updated on