grichards
New Member
October 1, 2021
Solved

Unable to visit sites that have HSTS enabled using a FortiGate 100F

  • October 1, 2021
  • 1 reply
  • 21461 views

As of yesterday we are seeing this on sites that have enabled HSTS; in my example, Wikipedia is one of these sites. The browser is preventing the end user from continuing because it thinks the site has been compromised, like a man-in-the-middle attack. Here is what Firefox says, and it always mentions our FG100F cert, and I've checked and it has not expired yet.

I'm new to using the FortiGate so any help would be appreciated.

Thanks,

Glen

    Toshi_Esumi
    SuperUser
    October 2, 2021

    Looks like the same "Let's Encrypt" cert issue: https://forum.fortinet.com/tm.aspx?m=199129#199137

    grichards (Author)
    New Member
    October 4, 2021

    Thanks Toshi Esumi, after reading that post I believe you are correct. We played around with it a bit and found that switching from Proxy-based to Flow-based seems to be a good temp fix for us right now until they come out with an actual fix for this.