Skip to main content
Robert_Cerny
Robert_Cerny
New Member
June 23, 2020
Question

SSL certificate inspection block

  • June 23, 2020
  • 1 reply
  • 2734 views

Hi folks,

looking for an idea here. I use ssl certificate-inspection (default, not deep) on HTTP/HTTPS firewall rule and it recently started to block server https://idos.idnes.cz. I had to allow invalid certificates to get this site to work. I also checked their certificate and it seems to be valid, issued by Sectigo RSA. Does anyone know what's going on here? Where can I find what our FG doesn't like?

 

Thanks

Robert

    1 reply

    andrewbailey
    andrewbailey
    New Member
    June 23, 2020

    Hi Robert,

     

    I'm running a Fortigate 60E at home on 6.4.1. I am also only using SSL Inpsection (not deep insepction). I'm set to block invalid certificates.

     

    I don't seem to have any issues with that site and certainly as you say the certificate looks valid to me.

     

    Not sure if that helps much? But perhaps points to config or software issue on your site maybe?

     

    Kind Regards,

     

     

    Andy.

     

    Terms & ConditionsCookie settingsAccessibility statement