SSL certificate inspection

Forum|Forum|9 years ago
November 28, 2016
1 reply
4112 views

Hello,

really sometimes it happens that ssl (certificate) inspection block some kind of traffic. I've guessed that the problem was related to ssl inspection thanks to sniffing handshakes between client and server. But which is the best way to troubleshoot ssl/tls inspection related issues ? There is no specific log for that ?

FortiOS 5.2.9 FGT 800-C

michaelleroy

New Member

What type of errors are you getting in the browser? I think I might be getting the same error.

IE tells me that I need to enable TLS 1.0, 1.1, and 1.2 and it could be an unsupported Cipher suite.

Chrome returns a ERR_Connection_Closed

Are you seeing the same thing?

MikePruett

New Member

The best way to troubleshoot is to make an exception for the page that is seeing the issue....make everything be identical except for the DPI. From there you can see if it is the culprit.

Some sites, applications, and other endpoints will not accept a MITM cert though so exceptions will need to be made.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded