Help
FortiProxy
FortiProxy provides enterprise-class protection against internet-borne threats and Advanced Web Content Caching
tino_p
Staff
Staff

Created on ‎03-03-2025 12:21 AM

Article Id 379948

Technical Tip: The issue of ERR_CERT_DATE_INVALID when accessing websites via FortiProxy

Description

This article describes the issue of ERR_CERT_DATE_INVALID when clients are accessing some specific websites via FortiProxy:

 

cert_error.jpg

When examining the certificate further, it showed that the certificate learned from FortiProxy was already expired:

 

  invalid_date.jpg

 

However, the actual certificate from FortiProxy is still valid:

 

screenshot.png
Scope FortiProxy.
Solution

Running the packet sniffer in FortiProxy, showed that when FortiProxy was communicating with an upstream device (Sophos Firewall) in TLS handshake, the certificate was encrypted in TLS 1.3 packets. So it should be checked further on the Sophos side. 

 

screenshot1.png
Labels:
382
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.