SSL Fatal Alert Received - unknown ca

Forum|Forum|6 years ago
April 13, 2020
1 reply
16507 views

Hi All,

I've recently been seeing a lot of "SSL Fatal Alert received" or "SSL Alert received" with the message being "certificate unknown" or "unknown ca".

When I track the associated IPs back, they almost all turn out to be big name owners: apple, google, dropbox, etc.

I'm assuming/hoping this is likely due to more servers being put online and new server or intermediate ca certs getting generated that haven't percolated through Fortinet's system yet.

Just wanted to check if others are seeing the same thing or if there could be something else going on?

Thanks.

mjcrevier

New Member

Where are the clients located in relation to the firewall they're going through?

Are they hitting a policy with certificate inspection or full SSL inspection enabled?

What firmware are you running?

tanrAuthor

New Member

FortiOS 6.0.9 with clients located on same site as FortiGates (seeing at two locations).

Seeing this both on policies that only have certificate inspection and on policies that have full SSL inspection enabled.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded