Skip to main content
Ralf_Lauerwald
Ralf_Lauerwald
New Member
March 11, 2016
Question

SSL Inspection Error Pinterest

  • March 11, 2016
  • 1 reply
  • 5523 views

Hi,

 

i have a strange problem with pinterest.

When i enable the SSL Inspection in the explicit proxy, the site looks like in the pic in the attachment.

When i disable the inspection, everything is good.

The Certificate from Fortigate is installed on the Clients and every site is working but pinterest not.

Does anybody know why?

 

Its a Fortigate 110c with the 5.2.5 OS

 

Thx

    1 reply

    Ralf_Lauerwald
    Ralf_LauerwaldAuthor
    New Member
    March 14, 2016

    Same issue with youtube.com

     

    is it maybe youtube uses the google sha256 cert and on my Fortigate with OS 5.2.5 i have only the default sha1 cert "Fortinet_CA_SSLProxy" ?

    Ralph1973
    Ralph1973
    New Member
    March 19, 2016

    I suspect it is caused by hsts as protocol. This means that FGT cannot act as man in the middle as far as I know, as long as you use a browser that supports hsts.

    Check this kb article:

    http://kb.fortinet.com/kb/documentLink.do?externalID=FD37095

     

    HSTS is a security feature of the Google browser Chrome. It is designed to detect the man-in-the-middle SSL attacks by making sure that any certificate presented when accessing the Google resource is signed by a specific CA. If it detects any, CA it will simply refuse to continue the SSL handshake and prevent access to the website.

     

    Terms & ConditionsAccessibility statement