ciscomemo
New Member
November 17, 2015
Question

SSL Inspection and certificate error


I understand that if I want to do HTTPS inspection I need to enable SSL inspection on Fortinet, but this gives an error in the user's browser when opening HTTPS websites. This is because we need to install the Fortinet certificate on the user's PC; once this is done the error goes away.

 

In guest scenarios where users bring in their own devices and we don't have the option to install this certificate on each of those devices, how would HTTPS blocking work? I believe that we need to install the SSL certificate because our certificate is a privately generated one. If we purchase a certificate from a known company like https://www.rapidssl.com etc. and use that certificate in Fortinet instead of the default Fortinet one, we might not need to put that certificate on each user's PC, because this certificate would be globally trusted.

 

Please advise if I am correct.

    1 reply

    Bromont_FTNT
    Staff
    November 17, 2015

    In order to do man-in-the-middle SSL inspection the FortiGate needs a key signing cert; very unlikely you'll get a CA to issue you the right type of cert.
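The reply above turns on one certificate property: an inspection device has to sign a substitute certificate for every site it intercepts, so the certificate loaded on it must be a CA certificate, while certificates sold for web servers are end-entity certificates marked `CA:FALSE`. The following is an added example, not part of the thread and not Fortinet tooling, that checks a PEM file for that property with `openssl`; the function names and the two sample certificates are constructed for the illustration.

```shell
# Added example (not from the thread). Sample certs are constructed locally.
can_sign_certs() {  # $1 = PEM cert; returns 0 if it may sign other certificates
    text=$(openssl x509 -in "$1" -noout -text) || return 2
    printf '%s\n' "$text" | grep -q 'CA:TRUE' || return 1
    # No keyUsage extension means unrestricted; if present it must allow signing.
    if printf '%s\n' "$text" | grep -q 'X509v3 Key Usage'; then
        printf '%s\n' "$text" | grep -q 'Certificate Sign' || return 1
    fi
    return 0
}

make_sample() {  # $1 = file prefix, $2 = basicConstraints, $3 = keyUsage
    cat > "$1.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
x509_extensions = ext
[dn]
CN = constructed-sample.example.test
[ext]
basicConstraints = critical,$2
keyUsage = critical,$3
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1.cnf" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

check_samples() {  # prints the verdict for a CA-style and a server-style cert
    dir=$(mktemp -d) || return 1
    make_sample "$dir/ca"   "CA:TRUE"  "keyCertSign,cRLSign"
    make_sample "$dir/leaf" "CA:FALSE" "digitalSignature,keyEncipherment"
    ca=no; leaf=no
    can_sign_certs "$dir/ca.pem"   && ca=yes
    can_sign_certs "$dir/leaf.pem" && leaf=yes
    rm -rf "$dir"
    echo "ca=$ca leaf=$leaf"
}

check_samples
```

Running `can_sign_certs` against a certificate before loading it as the inspection certificate shows whether clients could ever accept what the device signs with it.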

    ciscomemo (Author)
    New Member
    November 18, 2015

    Thank you for the reply. I wonder how these ISPs then block content on a national level without a user needing to install any certificate on his end. I know several countries where some kinds of content are blocked and an error page displays saying that you are not allowed to view this page.

    ciscomemo (Author)
    New Member
    November 20, 2015

    Can anyone from advanced TAC answer this, please?