Skip to main content
mseiler0815
mseiler0815
Visitor III
June 13, 2022
Question

SSL Decryption Log

  • June 13, 2022
  • 1 reply
  • 1597 views

Hello,

 

I'm testing SSL Decryption (Deep inspection) on my Windows Computer.

How can I find out why some pages are not shown in the browser or why is some content not shown on a page with videos or pictures. The issue is clear, one or more pages can't be decrypted (Cert Pinning/HSTS/Cyphers not supported/Mutual authentication).

But I can't find the logs in the Fortimanager. I want to see which connection is responsible and what caused the issue.

 

How do you troubleshoot this kind of issue. Which logs do you use? 

 

Or is there a CLI command to troubleshoot? This would be very helpful.

 

Regards

 

Michael 

1 reply

RinoBroer
RinoBroer
Explorer III
June 13, 2022

Dear Michael,

 

Good question, I have this question myself but I think this is the reason: the client does not accept the connection because of cert pinning, HSTS etc. and for this reason the client actively stops the connection.

 

Because the client closes the connection in a usual way no errors will be logged. I have tested this extensively with FileZilla > Help > Check for updates and have come to the above conclusion. Currently, I exclude these domain names from deep inspection.

 

But, If this problem is somehow traceable in the logs then I would like to hear about it!

 

FileZilla traffic capture

DPI_fails_FileZilla_update.png

 

 

Terms & ConditionsAccessibility statement